Show filters
1 Total Results
Displaying 1-1 of 1
Sort by:
Attacker Value
Unknown

CVE-2020-28991

Disclosure Date: November 24, 2020 (last updated November 28, 2024)
Gitea 0.9.99 through 1.12.x before 1.12.6 does not prevent a git protocol path that specifies a TCP port number and also contains newlines (with URL encoding) in ParseRemoteAddr in modules/auth/repo_form.go.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0