ALT Linux Team

Package gitea update in p8 on 2019-03-26

ALT-PU-2019-1522-1

Package gitea updated to version 1.7.4-alt1 for branch p8 in task 225381.

Closed vulnerabilities

Published: 2019-07-11
Modified: 2024-11-21

CVE-2019-1010314

Gitea 1.7.2, 1.7.3 is affected by: Cross Site Scripting (XSS). The impact is: execute JavaScript in victim's browser, when the vulnerable repo page is loaded. The component is: repository's description. The attack vector is: victim must navigate to public and affected repo page.

Severity: MEDIUM (6.1) Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
References:
VKontakte | Telegram | YouTube | Forum | GitHub | Bugzilla
Version: 2.1.0
Back to top