CVE-2024-6886
Aug. 6, 2024, 4:30 p.m.
Tags
Product(s) Impacted
Gitea Open Source Git Server
- 1.22.0
Description
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gitea Gitea Open Source Git Server allows Stored XSS.This issue affects Gitea Open Source Git Server: 1.22.0.
Weaknesses
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
CWE ID: 79Date
Published: Aug. 6, 2024, 4:16 a.m.
Last Modified: Aug. 6, 2024, 4:30 p.m.
Status : Awaiting Analysis
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
88ee5874-cf24-4952-aea0-31affedb7ff2
References
https://blog.gitea.com/
88ee5874-cf24-4952-aea0-31affedb7ff2
https://github.com/
88ee5874-cf24-4952-aea0-31affedb7ff2