CVE-2021-45326

CVE-2021-45326

EPSS 0.6%

Cross Site Request Forgery (CSRF) vulnerability exists in Gitea before 1.5.2 via API routes.This can be dangerous especially with state altering POST requests.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://blog.gitea.io/2018/10/gitea-1.5.2-is-released/https://github.com/go-gitea/gitea/issues/4838 https://github.com/go-gitea/gitea/pull/4840