Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-13B20B3AA202E5A78259B35F31B6A714HistoryJun 29, 2021 - 12:00 a.m.
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
2021-06-2900:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
7
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
72.3%
Cross-site scripting (XSS) vulnerability in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.x before 0.5.8 allows remote attackers to inject arbitrary web script or HTML via the text parameter to api/v1/markdown.
| CPE | Name | Operator | Version |
|---|---|---|---|
| go/gogs.io/gogs | ge | 0.3.1 | |
| go/gogs.io/gogs | lt | 0.5.8 |
Related
veracode
veracode
Cross-site Scripting (XSS)
2017-04-28 07:24:32
securityvulns
securityvulns
CVE-2014-8683 XSS in Gogs Markdown Renderer
2014-12-01 00:00:00
osv
osv
Cross-site Scripting in Gogs
2021-06-29 18:32:53
packetstorm
packetstorm
Gogs Markdown Renderer Cross Site Scripting
2014-11-14 00:00:00
zdt
zdt
Gogs Markdown Renderer Cross Site Scripting Vulnerability
2014-11-16 00:00:00
prion
prion
Cross site scripting
2014-11-21 15:59:00
github
github
Cross-site Scripting in Gogs
2021-06-29 18:32:53
cve
cve
CVE-2014-8683
2014-11-21 15:59:00
openvas
openvas
Gogs >= 0.3.1, < 0.5.8 Multiple Vulnerabilities
2015-02-06 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.005 Low
EPSS
Percentile
72.3%
Related for GITLAB-13B20B3AA202E5A78259B35F31B6A714