Security Vulnerabilities
In Gitea before 1.20.1, a forbidden URL scheme such as javascript: can be used for a link, aka XSS.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-12-26
Cybersecurity Nozomi Networks Labs, a specialized security company focused on Industrial Control Systems (ICS) and OT/IoT security, has found a flaw that camera's client service does not perform certificate validation. The manufacturer has released patch firmware for the flaw, please refer to the manufacturer's report for details and workarounds.
CVSS Score
3.7
EPSS Score
0.0
Published
2025-12-26
Gitea before 1.21.8 inadvertently discloses users' login times by allowing (for example) the lastlogintime explore/users sort order.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-12-26
Gitea before 1.22.2 sometimes mishandles the propagation of token scope for access control within one of its own package registries.
CVSS Score
5.0
EPSS Score
0.0
Published
2025-12-26
In Gitea before 1.21.2, an anonymous user can visit a private user's project.
CVSS Score
5.8
EPSS Score
0.0
Published
2025-12-26
Gitea before 1.22.2 allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-12-26
Gitea before 1.23.0 allows attackers to add attachments with forbidden file extensions by editing an attachment name via an attachment API.
CVSS Score
8.2
EPSS Score
0.0
Published
2025-12-26
In Gitea before 1.22.5, branch deletion permissions are not adequately enforced after merging a pull request.
CVSS Score
3.1
EPSS Score
0.0
Published
2025-12-26
Gitea before 1.22.3 mishandles access to a private resource upon receiving an API token with scope limited to public resources.
CVSS Score
4.9
EPSS Score
0.0
Published
2025-12-26
A weakness has been identified in sunkaifei FlyCMS up to abbaa5a8daefb146ad4d61027035026b052cb414. The impacted element is the function userLogin of the file src/main/java/com/flycms/web/front/UserController.java of the component User Login. Executing manipulation of the argument redirectUrl can lead to cross site scripting. The attack can be launched remotely. The exploit has been made available to the public and could be exploited. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The project was informed of the problem early through an issue report but has not responded yet.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-12-26