CVE-2026-24135

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, a path traversal vulnerability exists in the updateWikiPage function of Gogs. The vulnerability allows an authenticated user with write access to a repository's wiki to delete arbitrary files on the server by manipulatin...

Directory Traversal

Overview Affected versions of this package are vulnerable to Directory Traversal in the updateWikiPage function that allows a user with write access to a given repository's wiki to delete files with the oldtitle parameter. Details A Directory Traversal attack also known as path traversal aims to...

Gogs vulnerable to arbitrary file deletion via Path Traversal in wiki page update

Summary A Path Traversal vulnerability exists in the updateWikiPage function of Gogs. The vulnerability allows an authenticated user with write access to a repository's wiki to delete arbitrary files on the server by manipulating the oldtitle parameter in the wiki editing form. Vulnerability...

PT-2026-6860

Summary A Path Traversal vulnerability exists in the updateWikiPage function of Gogs. The vulnerability allows an authenticated user with write access to a repository's wiki to delete arbitrary files on the server by manipulating the old title parameter in the wiki editing form. Vulnerability...

PT-2026-6758

Name of the Vulnerable Software and Affected Versions Gogs versions prior to 0.13.4 Gogs versions 0.13.0 through 0.13.3 Description Gogs is a self-hosted Git service. A path traversal issue exists in the updateWikiPage function. An authenticated user with write access to a repository's wiki can...