CVE-2021-28378

CVE-2021-28378

CVSS 3.7 LOWEPSS 8.8%

Gitea 1.12.x and 1.13.x before 1.13.4 allows XSS via certain issue data in some situations.

CVSS:3.1/AC:H/AV:N/A:N/C:L/I:L/PR:L/S:U/UI:R

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://blog.gitea.io/2021/03/gitea-1.13.4-is-released/https://github.com/go-gitea/gitea/pull/14898 https://github.com/PandatiX/CVE-2021-28378