Lucene search
Veracode Vulnerability DatabaseVERACODE:35922HistoryJun 09, 2022 - 7:24 a.m.
Cross-Site Scripting (XSS)
2022-06-0907:24:10
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
0.001 Low
EPSS
Percentile
26.8%
gogs.io/gogs is vulnerable to cross-site scripting. The vulnerability exists in list.tmpl because the DisplayName is not properly sanitized which allows an attacker to inject and execute arbitrary javascript.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gogs.io/gogs | le | v0.12.8 | |
| gogs.io/gogs | le | v0.12.8 |
Related
osv
osv
Cross-site Scripting vulnerability in repository issue list in Gogs
2022-06-08 22:24:25
CVE-2022-31038
2022-06-09 17:15:09
nvd
nvd
CVE-2022-31038
2022-06-09 17:15:09
cve
cve
CVE-2022-31038
2022-06-09 17:15:09
prion
prion
Design/Logic Flaw
2022-06-09 17:15:00
cvelist
cvelist
CVE-2022-31038 XSS vulnerability in repository issue list in Gogs
2022-06-08 17:40:11
gitlab
gitlab
alpinelinux
alpinelinux
CVE-2022-31038
2022-06-09 17:15:00
github
github
Cross-site Scripting vulnerability in repository issue list in Gogs
2022-06-08 22:24:25
openvas
openvas
Gogs < 0.12.9 Multiple Vulnerabilities
2022-06-10 00:00:00