CVE-2019-11228Improper Input Validation in Go-gitea Gitea

CWE-20Improper Input Validation4 documents3 sources
Severity
7.5HIGHNVD
EPSS
0.2%
top 53.22%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
2
Github.com Go-gitea GiteaGitea
Timeline
PublishedApr 15
Latest updateAug 21

Description

repo/setting.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 does not validate the form.MirrorAddress before calling SaveAddress.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 3.9 | Impact: 3.6

Affected Packages2 packages

NVDgitea/gitea< 1.7.6+1

Patches

Patch: github.comPatch: github.comPatch: github.com

🔴Vulnerability Details

3
OSV
Gitea Improper Input Validation in github.com/go-gitea/gitea2024-08-21
GHSA
Gitea Improper Input Validation2022-02-15
OSV
Gitea Improper Input Validation2022-02-15