2 matches found
CVE-2021-45331
An Authentication Bypass vulnerability exists in Gitea before 1.5.0, which could let a malicious user gain privileges. If captured, the TOTP code for the 2FA can be submitted correctly more than once...
CVE-2021-45331
The CVE-2021-45331 issue affects Gitea prior to 1.5.0 and is an Authentication Bypass where a malicious user could abuse the TOTP-based 2FA workflow to gain privileges. Root cause is an authentication mechanism flaw that allows submitting a valid TOTP correctly more than once, enabling privilege ...