A vulnerability has been found in
OneDev up to 4.0.2 and classified as critical. This vulnerability affects an unknown part of the file
/users/{id} of the component
REST UserResource Endpoint. Upgrading to version 4.0.3 eliminates this vulnerability. Applying a patch is able to eliminate this problem. The bugfix is ready for download at
github.com. The best possible mitigation is suggested to be upgrading to the latest version.
Lien vers l'article source