GO-2026-4367 Gitea has improper access control for uploaded attachments in code.gitea.io/gitea

Gitea has improper access control for uploaded attachments in code.gitea.io/gitea...

GO-2022-0982 Improper Privilege Management in Gitea in code.gitea.io/gitea

Improper Privilege Management in Gitea in code.gitea.io/gitea...

GO-2022-0832 Cross-site Scripting in Gitea in code.gitea.io/gitea

Cross-site Scripting in Gitea in code.gitea.io/gitea...

GO-2022-0609 Gitea Missing Authorization vulnerability in code.gitea.io/gitea

Gitea Missing Authorization vulnerability in code.gitea.io/gitea...

GO-2022-0450 Shell command injection in gitea in code.gitea.io/gitea

Shell command injection in gitea in code.gitea.io/gitea...

GO-2023-1999 Gitea erroneous repo clones in code.gitea.io/gitea

Gitea erroneous repo clones in code.gitea.io/gitea...

GO-2023-1971 Gogs and Gitea SSRF Vulnerability in code.gitea.io/gitea

Gogs and Gitea SSRF Vulnerability in code.gitea.io/gitea...

GO-2023-1922 Gitea XSS Vulnerability in code.gitea.io/gitea

Gitea XSS Vulnerability in code.gitea.io/gitea...

GO-2023-1894 code.gitea.io/gitea Open Redirect vulnerability

code.gitea.io/gitea Open Redirect vulnerability...

GO-2024-2769 Gitea allowed assignment of private issues in code.gitea.io/gitea

Gitea allowed assignment of private issues in code.gitea.io/gitea...

GO-2024-2752 Gitea Open Redirect in code.gitea.io/gitea

Gitea Open Redirect in code.gitea.io/gitea...

GO-2024-2757 Buffer Overflow in gitea in code.gitea.io/gitea

Buffer Overflow in gitea in code.gitea.io/gitea...

Improper Validation

code.gitea.io/gitea is vulnerable to Improper Validation. The vulnerability exists because Migration Downloaders can change the CloneURL which is improperly validated, allowing an attacker to redirect users to a malicious clone URL...