28 matches found
GO-2026-4498 Gogs has a Protected Branch Deletion Bypass in Web Interface in gogs.io/gogs
Gogs has a Protected Branch Deletion Bypass in Web Interface in gogs.io/gogs. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please...
GO-2026-4450 Gogs user can update repository content with read-only permission in gogs.io/gogs
Gogs user can update repository content with read-only permission in gogs.io/gogs. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners,...
GO-2026-4449 Gogs Vulnerable to 2FA Bypass via Recovery Code in gogs.io/gogs
Gogs Vulnerable to 2FA Bypass via Recovery Code in gogs.io/gogs. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please suggest an...
GO-2026-4457 Gogs has authorization bypass in repository deletion API in gogs.io/gogs
Gogs has authorization bypass in repository deletion API in gogs.io/gogs. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please...
GO-2026-4451 Gogs has a Denial of Service issue in gogs.io/gogs
Gogs has a Denial of Service issue in gogs.io/gogs. NOTE: The source advisory for this report contains additional versions that could not be automatically mapped to standard Go module versions. If this is causing false-positive reports from vulnerability scanners, please suggest an edit to the...
Directory Traversal
gogs.io/gogs is vulnerable to Directory Traversal. The vulnerability is due to improper input validation in the editFilePost function of internal/route/repo/editor.go, allowing attackers to access unintended directories...
GO-2024-3275 Unpatched Remote Code Execution in Gogs in gogs.io/gogs
Unpatched Remote Code Execution in Gogs in gogs.io/gogs...
GO-2022-1060 Gogs vulnerable to Cross-site Scripting in gogs.io/gogs
Gogs vulnerable to Cross-site Scripting in gogs.io/gogs...
GO-2022-0831 SQL Injection in Gogs in gogs.io/gogs
SQL Injection in Gogs in gogs.io/gogs...
GO-2022-0822 Open Redirect in gogs.io/gogs
Open Redirect in gogs.io/gogs...
GO-2022-0788 Insecure Permissions in Gogs in gogs.io/gogs
Insecure Permissions in Gogs in gogs.io/gogs...
GO-2022-0797 Insecure Permissions in Gogs in gogs.io/gogs
Insecure Permissions in Gogs in gogs.io/gogs...
GO-2022-0749 OS Command Injection in gogs in gogs.io/gogs
OS Command Injection in gogs in gogs.io/gogs...
GO-2022-0642 Cross-site Scripting in Gogs in gogs.io/gogs
Cross-site Scripting in Gogs in gogs.io/gogs...
GO-2022-0597 Cross-site Scripting in Gogs in gogs.io/gogs
Cross-site Scripting in Gogs in gogs.io/gogs...
GO-2022-0562 Path Traversal in Git HTTP endpoints in Gogs in gogs.io/gogs
Path Traversal in Git HTTP endpoints in Gogs in gogs.io/gogs...
GO-2022-0566 SSRF in repository migration in gogs.io/gogs
SSRF in repository migration in gogs.io/gogs...
GO-2022-0570 Path Traversal in file editor on Windows in Gogs in gogs.io/gogs
Path Traversal in file editor on Windows in Gogs in gogs.io/gogs...
GO-2022-0473 Cross site scripting via cookies in gogs in gogs.io/gogs
Cross site scripting via cookies in gogs in gogs.io/gogs...
GO-2022-0377 SSRF in repository migration in gogs.io/gogs
SSRF in repository migration in gogs.io/gogs...