Back to CVE List

CVE-2025-68939

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score
5.3 / 10
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N

Vulnerability Description

Gitea before 1.23.0 allows attackers to add attachments with forbidden file extensions by editing an attachment name via an attachment API.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-424
Source
NVD
Vendor
gitea
Product
gitea

External References

Discussion (0)

Add Comment

No comments yet. Be the first!