ALT-PU-2023-8535-1

Package update gitea in branch p10

Version1.20.2-alt1

Published2023-08-10

Max severityMEDIUM

Severity:

Closed issues (2)

MEDIUM5.4

In Gitea before 1.20.1, a forbidden URL scheme such as javascript: can be used for a link, aka XSS.

Published: 2025-12-26Modified: 2025-12-31

CVSS 3.xMEDIUM 5.4

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

References

GHSA-hq57-c72x-4774

MEDIUM5.4

Gitea vulnerable to Cross-site Scripting

Published: 2025-12-26Modified: 2025-12-26

CVSS 3.xMEDIUM 5.4

CVSS:3.x/CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N

References