Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
freebsdFreeBSD83466F76-AEFE-11EC-B4B6-D05099C0C059
HistoryMar 23, 2022 - 12:00 a.m.

gitea -- Open Redirect on login

2022-03-2300:00:00
vuxml.freebsd.org
34
gitea
open redirect
login
security issue
browsers
backslashes

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

41.5%

JSON

Andrew Thornton reports:

    When a location containing backslashes is presented, the existing
    protections against open redirect are bypassed, because browsers
    will convert adjacent forward and backslashes within the location
    to double forward slashes.
OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchgitea< 1.16.5UNKNOWN

Related

prion 1
osv 4
github 1
nvd 1
nuclei 2
cve 1
openvas 1
veracode 1
cvelist 1
huntr 2
nessus 1
prion
prion
Open redirect
2022-03-24 15:15:00
osv
osv
Gitea Open Redirect
2022-03-25 00:00:33
CVE-2022-1058
2022-03-24 15:15:08
Gitea Open Redirect in code.gitea.io/gitea
2024-06-04 15:19:21
github
github
Gitea Open Redirect
2022-03-25 00:00:33
nvd
nvd
CVE-2022-1058
2022-03-24 15:15:08
nuclei
nuclei
Gitea <1.16.5 - Open Redirect
2023-03-31 11:28:24
PyLoad 0.5.0 - Pre-auth Remote Code Execution (RCE)
2023-07-04 12:51:35
cve
cve
CVE-2022-1058
2022-03-24 15:15:08
openvas
openvas
Gitea < 1.16.5 Open Redirect Vulnerability
2022-03-29 00:00:00
veracode
veracode
Open Redirect
2022-03-25 06:18:06
cvelist
cvelist
CVE-2022-1058 Open Redirect on login in go-gitea/gitea
2022-03-24 14:15:12
huntr
huntr
Open Redirect on login
2022-03-23 11:11:11
Open Redirect on follow/unfollow user's profile action
2023-06-07 07:33:02
nessus
nessus
FreeBSD : gitea -- Open Redirect on login (83466f76-aefe-11ec-b4b6-d05099c0c059)
2022-03-29 00:00:00

CVSS2

5.8

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:P/A:N

CVSS3

6.1

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

CHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

EPSS

0.001

Percentile

41.5%

JSON
Related for 83466F76-AEFE-11EC-B4B6-D05099C0C059
prion1osv4github1nvd1nuclei2cve1openvas1veracode1cvelist1huntr2nessus1