EPSS
Percentile
30.4%
github.com/go-gitea/gitea is vulnerable to authorization bypass. The vulnerability exists in the Auth function in pam.go due to missing checks in the pam module, allowing a malicious attacker to log in and perform unauthorized actions.
Auth
pam.go
github.com/advisories/GHSA-jr9c-h74f-2v28
github.com/go-gitea/gitea/commit/1314f38b59748397b3429fb9bc9f9d6bac85d2f2
github.com/go-gitea/gitea/pull/19040
github.com/go-gitea/gitea/pull/19047
huntr.dev/bounties/8d221f92-b2b1-4878-bc31-66ff272e5ceb
huntr.dev/bounties/8d221f92-b2b1-4878-bc31-66ff272e5ceb/