CVE-2022-0870

MEDIUM NUCLEI

Gogs < 0.12.5 - SSRF

Title source: rule

Description

Server-Side Request Forgery (SSRF) in GitHub repository gogs/gogs prior to 0.12.5.

Nuclei Templates (1)

Gogs <0.12.5 - Server-Side Request Forgery
MEDIUMVERIFIEDby theamanrawat,Akincibor
Shodan: cpe:"cpe:2.3:a:gogs:gogs" || http.title:"sign in - gogs"
FOFA: title="sign in - gogs"

References (2)

Scores

CVSS v3 5.3
EPSS 0.0523
EPSS Percentile 90.0%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Details

CWE
CWE-918
Status published
Products (2)
gogs/gogs < 0.12.5
gogs.io/gogs 0 - 0.12.5Go
Published Mar 11, 2022
Tracked Since Feb 18, 2026