Vulnerabilities > Gitea > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-07-18 | CVE-2019-1010261 | Cross-site Scripting vulnerability in Gitea Gitea 1.7.0 and earlier is affected by: Cross Site Scripting (XSS). | 6.1 |
| 2019-07-11 | CVE-2019-1010314 | Cross-site Scripting vulnerability in Gitea 1.7.2/1.7.3 Gitea 1.7.2, 1.7.3 is affected by: Cross Site Scripting (XSS). | 6.1 |
| 2019-02-04 | CVE-2019-1000002 | Unspecified vulnerability in Gitea Gitea version 1.6.2 and earlier contains a Incorrect Access Control vulnerability in Delete/Edit file functionallity that can result in the attacker deleting files outside the repository he/she has access to. | 6.5 |
| 2018-10-08 | CVE-2018-1000803 | Information Exposure vulnerability in Gitea Gitea version prior to version 1.5.1 contains a CWE-200 vulnerability that can result in Exposure of users private email addresses. | 5.3 |