24 matches found
EUVD-2023-2029
Malicious code in bioql PyPI...
GO-2022-0862 Gitea Improper Input Validation in github.com/go-gitea/gitea
Gitea Improper Input Validation in github.com/go-gitea/gitea...
GO-2022-0846 Gitea Remote Code Execution in github.com/go-gitea/gitea
Gitea Remote Code Execution in github.com/go-gitea/gitea...
GO-2022-0579 Open redirect in Gitea in github.com/go-gitea/gitea
Open redirect in Gitea in github.com/go-gitea/gitea...
GO-2022-0314 Cross-site Scripting in Gitea in github.com/go-gitea/gitea
Cross-site Scripting in Gitea in github.com/go-gitea/gitea...
BIT-GITEA-2022-0905 Missing Authorization in go-gitea/gitea
Missing Authorization in GitHub repository go-gitea/gitea prior to 1.16.4...
Open Redirect
github.com/go-gitea/gitea is vulnerable to Open Redirect. The vulnerability exists due to improper path sanitization in the RedirectToFirst function, which allows an attacker to pass a crafted POST request, redirecting the victim to a malicious site...
CVE-2023-3515 Open Redirect in go-gitea/gitea
Open Redirect in GitHub repository go-gitea/gitea prior to 1.19.4...
CVE-2023-3515 Open Redirect in go-gitea/gitea
Open Redirect in GitHub repository go-gitea/gitea prior to 1.19.4...
Stored Cross-site Scripting in gitea
Cross-site Scripting XSS - Stored in GitHub repository go-gitea/gitea prior to 1.16.9 via unfiltered pdfs...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Cross-site Scripting XSS - Stored in GitHub repository go-gitea/gitea prior to 1.16.9...
CVE-2022-1928
Cross-site Scripting XSS - Stored in GitHub repository go-gitea/gitea prior to 1.16.9...
CVE-2022-1928 Cross-site Scripting (XSS) - Stored in go-gitea/gitea
Cross-site Scripting XSS - Stored in GitHub repository go-gitea/gitea prior to 1.16.9...
Remote Code Execution (RCE)
github.com/go-gitea/gitea is vulnerable to remote code execution. The vulnerability exists due to a lack of sanitization of the newPullRequest function in the giteauploader.go file allowing an attacker to inject maliciously crafted script into the system...
Open redirect
Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5...
CVE-2022-1058 Open Redirect on login in go-gitea/gitea
Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5...
CVE-2022-1058 Open Redirect on login in go-gitea/gitea
Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5...
Authorization Bypass
github.com/go-gitea/gitea is vulnerable to authorization bypass. The vulnerability exists in the Auth function in pam.go due to missing checks in the pam module, allowing a malicious attacker to log in and perform unauthorized actions...
CVE-2022-0905
Missing Authorization in GitHub repository go-gitea/gitea prior to 1.16.4...
Authorization
Missing Authorization in GitHub repository go-gitea/gitea prior to 1.16.4...