2 matches found
CVE-2022-32174
Gogs CVE-2022-32174 affects versions v0.6.5–v0.12.10 with a Stored XSS that can lead to account takeover. The vulnerability arises from improper validation in the select assignee component, enabling a remote authenticated attacker to inject script that runs in a victim’s browser within the hostin...
CVE-2022-32174 Gogs - XSS
In Gogs, versions v0.6.5 through v0.12.10 are vulnerable to Stored Cross-Site Scripting XSS that leads to an account takeover...