CVE-2024-6886
CRITICAL NUCLEIGitea <1.22.0 - XSS
Title source: llmDescription
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gitea Gitea Open Source Git Server allows Stored XSS.This issue affects Gitea Open Source Git Server: 1.22.0.
Nuclei Templates (1)
Gitea 1.22.0 - Cross-Site Scripting
MEDIUMVERIFIEDby soonghee2
Scores
CVSS v4
10.0
EPSS
0.2520
EPSS Percentile
96.2%
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H
Details
CWE
CWE-79
Status
published
Products (2)
code.gitea.io/gitea
0 - 1.22.1Go
Gitea/Gitea Open Source Git Server
1.22.0
Published
Aug 06, 2024
Tracked Since
Feb 18, 2026