HIGH7.1
Missing Authorization in GitHub repository go-gitea/gitea prior to 1.16.4.
CVSS 2.0MEDIUM 5.5
CVSS:2.0/AV:N/AC:L/Au:S/C:P/I:P/A:NCVSS 3.xHIGH 7.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N
Severity:
Closed issues (4)
MEDIUM6.1
Open Redirect on login in GitHub repository go-gitea/gitea prior to 1.16.5.
CVSS 2.0MEDIUM 5.8
CVSS:2.0/AV:N/AC:M/Au:N/C:P/I:P/A:NCVSS 3.xMEDIUM 6.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NMEDIUM6.1
Gitea Open Redirect
CVSS 3.xMEDIUM 6.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:NReferences
- https://nvd.nist.gov/vuln/detail/CVE-2022-1058
- https://github.com/go-gitea/gitea/pull/19175
- https://github.com/go-gitea/gitea/pull/19186
- https://github.com/go-gitea/gitea/commit/e3d8e92bdc67562783de9a76b5b7842b68daeb48
- https://github.com/go-gitea/gitea
- https://huntr.dev/bounties/4fb42144-ac70-4f76-a5e1-ef6b5e55dc0d
HIGH7.1
Gitea Missing Authorization vulnerability
CVSS 3.xHIGH 7.1
CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:NReferences
- https://nvd.nist.gov/vuln/detail/CVE-2022-0905
- https://github.com/go-gitea/gitea/commit/1314f38b59748397b3429fb9bc9f9d6bac85d2f2
- https://github.com/go-gitea/gitea/commit/3e5c844a7758fa29126d201f4f98bf21bca6d314
- https://github.com/go-gitea/gitea
- https://huntr.dev/bounties/8d221f92-b2b1-4878-bc31-66ff272e5ceb