Missing Origin Validation in WebSockets

Overview @farmfe/core is a Farm is a extremely fast web build tool written in Rust. Farm can start a project in milliseconds and perform HMR within 10ms, making it much faster than similar tools like webpack and vite. Affected versions of this package are vulnerable to Missing Origin Validation i...

PT-2019-12203 · Gitea +1 · Gitea +1

Name of the Vulnerable Software and Affected Versions: Gitea versions 1.7.0 through 1.7.5 Gitea versions 1.8.0 through 1.8-RC2 Description: The issue arises from the mishandling of mirror repository URL settings in the models/repo mirror.go file, leading to remote code execution. This allows an...