CVE-2021-45326

CVE-2021-45326

EPSS 0.6%

Cross Site Request Forgery (CSRF) vulnerability exists in Gitea before 1.5.2 via API routes.This can be dangerous especially with state altering POST requests.

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://blog.gitea.io/2018/10/gitea-1.5.2-is-released/https://github.com/go-gitea/gitea/issues/4838 https://github.com/go-gitea/gitea/pull/4840