Subversion 1.4.3 and earlier does not properly implement the "partial access" privilege for users who have access to changed paths but not copied paths, which allows remote authenticated users to obtain sensitive information (revision properties) via svn (1) propget, (2) proplist, or (3) propedit.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation18 reference(s) from NVD