CVE-2019-11228

CVE-2019-11228

EPSS 1.3%

repo/setting.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 does not validate the form.MirrorAddress before calling SaveAddress.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/go-gitea/gitea/releases/tag/v1.7.6 https://github.com/go-gitea/gitea/releases/tag/v1.8.0-rc3