An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services.
References
Link | Resource |
---|---|
https://github.com/go-gitea/gitea/issues/4624 | Issue Tracking Third Party Advisory |
https://github.com/gogs/gogs/issues/5366 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2018-08-08 02:29
Updated : 2024-02-04 20:03
NVD link : CVE-2018-15192
Mitre link : CVE-2018-15192
CVE.ORG link : CVE-2018-15192
JSON object : View
Products Affected
gitea
- gitea
gogs
- gogs
CWE
CWE-918
Server-Side Request Forgery (SSRF)