PT-2019-12202 · Go Gitea+1 · Gitea+1
Published
2019-04-13
·
Updated
2024-08-21
·
CVE-2019-11228
CVSS v3.1
7.5
High
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Gitea versions 1.7.0 through 1.7.6
Gitea versions 1.8.0 through 1.8-RC2
Description
The issue arises from improper input validation in the
form.MirrorAddress before calling the SaveAddress function. This lack of validation can lead to potential security issues.Recommendations
For Gitea versions 1.7.0 through 1.7.6, update to version 1.7.6 or later.
For Gitea versions 1.8.0 through 1.8-RC2, update to version 1.8-RC3 or later.
Fix
RCE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Alt Linux
Gitea