Show filters
2 Total Results
Displaying 1-2 of 2
Sort by:
Attacker Value
Unknown

CVE-2019-11228

Disclosure Date: April 15, 2019 (last updated November 27, 2024)
repo/setting.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 does not validate the form.MirrorAddress before calling SaveAddress.
0
0
Attacker Value
Unknown

CVE-2019-11229

Disclosure Date: April 15, 2019 (last updated November 27, 2024)
models/repo_mirror.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 mishandles mirror repo URL settings, leading to remote code execution.
Attack Vector: NetworkPrivileges: LowUser Interaction: None
0
0