Lucene search
HistoryNov 21, 2014 - 3:59 p.m.
CVE-2014-8683
cve-2014-8683
cross-site scripting
xss
gogs
go git service
vulnerability
remote code injection
5.5 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
75.3%
Cross-site scripting (XSS) vulnerability in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.8 allows remote attackers to inject arbitrary web script or HTML via the text parameter to api/v1/markdown.
Related
veracode
veracode
Cross-site Scripting (XSS)
2017-04-28 07:24:32
gitlab
gitlab
osv
osv
Cross-site Scripting in Gogs
2021-06-29 18:32:53
securityvulns
securityvulns
CVE-2014-8683 XSS in Gogs Markdown Renderer
2014-12-01 00:00:00
packetstorm
packetstorm
Gogs Markdown Renderer Cross Site Scripting
2014-11-14 00:00:00
prion
prion
Cross site scripting
2014-11-21 15:59:00
github
github
Cross-site Scripting in Gogs
2021-06-29 18:32:53
zdt
zdt
Gogs Markdown Renderer Cross Site Scripting Vulnerability
2014-11-16 00:00:00
openvas
openvas
Gogs >= 0.3.1, < 0.5.8 Multiple Vulnerabilities
2015-02-06 00:00:00
5.5 Medium
AI Score
Confidence
High
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
75.3%
Related for CVE-2014-8683