First published: Tue Feb 08 2022(Updated: )
Cross Site Scripting (XSS) vulnerability exists in Gitea before 1.5.1 via the repository settings inside the external wiki/issue tracker URL field.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Gitea Gitea | <1.5.1 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID is CVE-2021-45329.
The severity level of CVE-2021-45329 is medium.
The Cross Site Scripting (XSS) vulnerability in Gitea before 1.5.1 occurs via the repository settings inside the external wiki/issue tracker URL field.
The Gitea software versions up to, but exclusive of, 1.5.1 are affected by CVE-2021-45329.
Yes, you can find more information about CVE-2021-45329 in the following references: [1] https://blog.gitea.io/2018/09/gitea-1.5.1-is-released/ [2] https://github.com/go-gitea/gitea/pull/4710