Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Gitea Gitea Open Source Git Server allows Stored XSS.This issue affects Gitea Open Source Git Server: 1.22.0.
The vulnerability results from the lack of proper input data sanitization before embedding it in generated HTML pages. An attacker can inject malicious script code (JavaScript payload) which is permanently stored on the server side (Stored XSS). Each time the victim visits the infected page, the malicious script is automatically executed in the user's browser context without any interaction from the user.
An attacker can hijack sessions of authenticated users, steal sensitive data (tokens, cookies, login credentials) and perform unauthorized actions on behalf of the victim within the Gitea instance. In environments with elevated privileges, this can lead to compromise of source code repositories and development infrastructure.
Gitea should be updated to version 1.22.1 or later, in which the vulnerability has been removed. Patch details are available at https://blog.gitea.com/release-of-1.22.1/ and in the pull request https://github.com/go-gitea/gitea/pull/31200.
Gitea Open Source Git Server version 1.22.0.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X