---

CVE-2021-28378 - log back

CVE-2021-28378 edited at 15 Mar 2021 07:38:49
Severity	- Unknown + High
Remote	- Unknown + Remote
Type	- Unknown + Cross-site scripting
Description	+ Gitea 1.12.x and 1.13.x before 1.13.4 allows cross-site scripting (XSS) via certain issue data in some situations.
References	+ https://github.com/go-gitea/gitea/pull/14898 + https://github.com/go-gitea/gitea/commit/7d3e174906a24552f32ea5215910bab9cebeafa4
Notes

CVE-2021-28378 created at 15 Mar 2021 07:36:05