CNNVD-202512-4791 Information

CNNVD ID

CNNVD-202512-4791

Related CVE

CVE-2025-68942

• CNNVD Published: 2025-12-26

Description (Chinese)

Gitea是Gitea社区的一个基于Go开发的轻量型git服务。 Gitea 1.22.2之前版本存在安全漏洞，该漏洞源于搜索输入框使用v-html而非v-text，可能导致跨站脚本攻击。

Description (English)

Gitea is a light-size git service developed by Go in the Gitea community. There is a security loophole in the pre-Gitea 1.22.2 version, which stems from the use of v-html instead of v-text in the search input box, which may result in a cross-site script attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Gitea

Published

2025-12-26

Last Modified

2026-02-24

References

https://blog.gitea.com/release-of-1.22.2/ https://github.com/go-gitea/gitea/pull/31966 https://github.com/go-gitea/gitea/releases/tag/v1.22.2 https://access.redhat.com/security/cve/cve-2025-68942

Patch

https://github.com/go-gitea/gitea/releases