FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

gitea -- privilege escalation, XSS

Affected packages
		gitea	<	1.6.2

Details

VuXML ID	29d34524-0542-11e9-a444-080027fee39c
Discovery	2018-12-19
Entry	2018-12-21

The Gitea project reports:

Security

Sanitize uploaded file names

HTMLEncode user added text

[source]

References

URL	https://github.com/go-gitea/gitea/issues/5565
URL	https://github.com/go-gitea/gitea/issues/5569

Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright information.