Gitea · Gitea · CVE-2021-28378
Name of the Vulnerable Software and Affected Versions:
Gitea versions 1.12.x through 1.13.3
Gitea versions 1.1.0 through 1.12.5
Description:
The issue allows for cross-site scripting (XSS) via certain issue data in some situations. It also enables authenticated remote code execution through the git hook feature.
Recommendations:
For Gitea versions 1.12.x through 1.13.3, update to version 1.13.4 or later.
For Gitea versions 1.1.0 through 1.12.5, consider disabling the git hook feature as a temporary workaround until a patch is available.
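The two recommendations above can be checked against a running instance's version string and its app.ini. The following is an added example, not code from the advisory or from the Gitea project; it assumes the git hook feature is controlled by the DISABLE_GIT_HOOKS key in the [security] section of app.ini, and the sample configuration and function names are constructed for illustration.

```python
import configparser
import re

# Constructed sample app.ini (not taken from a real deployment).
SAMPLE_APP_INI = """\
APP_NAME = Example Gitea
RUN_USER = git

[security]
INSTALL_LOCK = true
DISABLE_GIT_HOOKS = false
"""

def parse_version(text):
    """Turn '1.12.5' or 'v1.13.3+dev' into a comparable (major, minor, patch) tuple."""
    m = re.match(r"v?(\d+)\.(\d+)(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unrecognised version: {text!r}")
    return tuple(int(g or 0) for g in m.groups())

def git_hooks_disabled(app_ini_text):
    """True only if [security] DISABLE_GIT_HOOKS is explicitly set to a true value."""
    cp = configparser.ConfigParser(interpolation=None, strict=False)
    # app.ini has keys before the first [section]; give them a dummy header.
    cp.read_string("[__top__]\n" + app_ini_text)
    # Assumption: a missing key is reported as "not disabled" (conservative).
    return cp.getboolean("security", "DISABLE_GIT_HOOKS", fallback=False)

def audit(version, app_ini_text):
    """Return the advisory's recommendations that still apply to this instance."""
    v = parse_version(version)
    findings = []
    if (1, 12, 0) <= v <= (1, 13, 3):
        findings.append("update to 1.13.4 or later")
    if (1, 1, 0) <= v <= (1, 12, 5) and not git_hooks_disabled(app_ini_text):
        findings.append("set DISABLE_GIT_HOOKS = true under [security]")
    return findings

if __name__ == "__main__":
    for ver in ("1.12.3", "1.13.2", "1.13.4"):
        print(ver, audit(ver, SAMPLE_APP_INI))
```

Versions 1.12.0 through 1.12.5 fall in both affected ranges listed above, so the check can return both recommendations for them.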