2 matches found
Gitea < 1.7.1 XSS Vulnerability
Gitea is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:gitea:gitea"; if...
CVE-2019-1010261
Gitea 1.7.0 and earlier is affected by a Cross-Site Scripting (XSS) vulnerability in the go-get URL generation component. The attack requires a victim to open a specially crafted URL, enabling execution of arbitrary JavaScript in the victim’s browser. The issue is mitigated by upgrading to 1.7.1 ...