Total
23 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2018-15192 | 2 Gitea, Gogs | 2 Gitea, Gogs | 2018-10-18 | 5.0 MEDIUM | 8.6 HIGH |
| An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services. | |||||
| CVE-2018-15178 | 1 Gogs | 1 Gogs | 2018-10-05 | 5.8 MEDIUM | 6.1 MEDIUM |
| Open redirect vulnerability in Gogs before 0.12 allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via an initial /\ substring in the user/login redirect_to parameter, related to the function isValidRedirect in routes/user/auth.go. | |||||
| CVE-2018-15193 | 1 Gogs | 1 Gogs | 2018-10-05 | 6.8 MEDIUM | 8.8 HIGH |
| A CSRF vulnerability in the admin panel in Gogs through 0.11.53 allows remote attackers to execute admin operations via a crafted issue / link. | |||||