CVE-2018-18926
CVE-2018-18926: Gitea prior to 1.5.4 is vulnerable to remote code execution due to improper validation of session IDs in the go-macaron/session handling. Affected product is Gitea (Go-based repository server); the root cause is session management logic in Macaron. Public references consistently d...