HOST: bytespeicher.lists.bytespeicher.org UUID: fc4de9ee810 --------------------------------------------------------------------------- Hello there, OUR SECURITY SCANNER "REPO LOOKOUT" HAS FOUND A VULNERABILITY ON A HOST FOR WHICH YOU ARE LISTED AS THE CONTACT! Repo Lookout is a non-commercial project to find inadvertently publicly exposed source code repositories. # DETAILS The following URL was world-readable at the time of scanning (Mar 23 '23): - https://bytespeicher.lists.bytespeicher.org/.git This allows (at least partial) access to the site's underlying source code repository. For instance, the last code commit has been:: - 3d6555ac: clone: from https://gitlab.com/mailman/mailman-bundler.git Such access to the repository could give an attacker insight into the structure of the site (e.g. hidden functionality, critical bugs, or credentials to third-party services) and enable downstream attacks (e.g. data leakage, phishing, and extortion). IT IS HIGHLY RECOMMENDED TO DISABLE ACCESS TO THE SOURCE CODE REPOSITORY! # WHAT IS "REPO LOOKOUT"? Repo Lookout is a large-scale security scanner, with a single purpose: Find source code repositories that have been inadvertently exposed to the public and report them to the domain's technical contact. Visit https://www.repo-lookout.org/ to learn more about the project. # SPONSORING If you found this vulnerability report useful, please consider supporting the project by becoming a sponsor on Ko-fi (https://ko-fi.com/repolookout). Thank you very much! Best regards, The "Repo Lookout" Team --------------------------------------------------------------------------- Copyright 2022–23 Crissy Field GmbH (https://www.crissyfield.de/)