PT-2018-13849 · Gogs · Gogs
Name of the Vulnerable Software and Affected Versions: Gogs version 0.11.53 Description: The issue allows an attacker to trigger MIME type sniffing using a crafted .eml file, leading to XSS. This is demonstrated by Internet Explorer and is caused by the lack of an "X-Content-Type-Options: nosniff...