CNNVD-202512-4793 Information
Dec 26, 2025
cve
CNNVD ID
CNNVD-202512-4793
Related CVE
- CNNVD Published: 2025-12-26
Description (Chinese)
Gitea是Gitea社区的一个基于Go开发的轻量型git服务。 Gitea 1.20.1之前版本存在安全漏洞,该漏洞源于允许使用禁止的URL方案如javascript,可能导致跨站脚本攻击。
Description (English)
Gitea is a light-size git service developed by Go in the Gitea community. There was a security loophole in the pre-Gitea 1.20.1 version, which stemmed from the fact that the use of prohibited URL programmes, such as javascript, could result in a cross-site script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Gitea
Published
2025-12-26
Last Modified
2026-02-24
References
https://blog.gitea.com/release-of-1.20.1/ https://github.com/go-gitea/gitea/pull/25960 https://github.com/go-gitea/gitea/releases/tag/v1.20.1 https://access.redhat.com/security/cve/cve-2025-68946
Patch
https://github.com/go-gitea/gitea/releases
Share on: