4 matches found
Cross-site Scripting (XSS)
github.com/gogs/gogs is vulnerable to Cross-site Scripting XSS. The vulnerability is due to the inclusion of an outdated version of pdfjs v1.4.20 that allows client-side JavaScript execution...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the pdfjs-1.4.20 component under public/plugins/. An attacker can execute arbitrary JavaScript code in the context of the user's browser by injecting malicious scripts into PDF files rendered by the...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the pdfjs-1.4.20 component under public/plugins/. An attacker can execute arbitrary JavaScript code in the context of the user's browser by injecting malicious scripts into PDF files rendered by the...
Gogs 安全漏洞
Gogs Go Git Service is a self-service Git hosting service based on Go language by the Gogs team, which supports creating and migrating public/private repositories, adding and deleting repository collaborators, and so on. A security vulnerability exists in Gogs 0.14.0+dev and earlier versions, whi...