Missing Authorization

Overview Affected versions of this package are vulnerable to Missing Authorization in the POST /wikis/wikiName endpoint. An attacker can create or update documents in the target wiki by sending unauthenticated requests to the affected REST endpoint. Remediation Upgrade...

CVE-2026-24135

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, a path traversal vulnerability exists in the updateWikiPage function of Gogs. The vulnerability allows an authenticated user with write access to a repository's wiki to delete arbitrary files on the server by manipulatin...

CVE-2026-24135 Gogs vulnerable to arbitrary file deletion via path traversal in wiki page update

Gogs is an open source self-hosted Git service. In version 0.13.3 and prior, a path traversal vulnerability exists in the updateWikiPage function of Gogs. The vulnerability allows an authenticated user with write access to a repository's wiki to delete arbitrary files on the server by manipulatin...

CVE-2026-24135

CVE-2026-24135 affects Gogs self-hosted Git service. In versions up to 0.13.3, a path traversal in the updateWikiPage function allows an authenticated user with wiki write access to delete arbitrary server files by manipulating the old_title parameter. Impact: potential file deletion in the serve...

PT-2026-6860

Summary A Path Traversal vulnerability exists in the updateWikiPage function of Gogs. The vulnerability allows an authenticated user with write access to a repository's wiki to delete arbitrary files on the server by manipulating the old title parameter in the wiki editing form. Vulnerability...

OPENSUSE-SU-2020:1998-1 Security update for moinmoin-wiki

This update for moinmoin-wiki fixes the following issues: - update to version 1.9.11: CVE-2020-25074 boo1178744: fix remote code execution via cache action CVE-2020-15275 boo1178745: fix malicious SVG attachment causing stored XSS vulnerability This update was imported from the...