Note:
This project will be discontinued after December 13, 2021. [more]
2018-08-08
An SSRF vulnerability in webhooks in Gitea through 1.5.0-rc2 and Gogs through 0.11.53 allows remote attackers to access intranet services.
| Products | Gitea, Gogs |
| Type | Server-Side Request Forgery (SSRF) (CWE-918) |
| First patch | - None (likely due to unavailable code) |
| Links |
• https://github.com/go-gitea/gitea/issues/4624
• https://github.com/gogs/gogs/issues/5366 |