Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 848465 (CVE-2022-1928) - <www-apps/gitea-1.16.9: stored xss bug (CVE-2022-1928)
Summary: <www-apps/gitea-1.16.9: stored xss bug (CVE-2022-1928)
Status: RESOLVED FIXED
Alias: CVE-2022-1928
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal minor (vote)
Assignee: Gentoo Security
URL: https://huntr.dev/bounties/6336ec42-5...
Whiteboard: B4 [glsa+]
Keywords:
Depends on:
Blocks:
 
Reported: 2022-05-30 07:07 UTC by filip ambroz
Modified: 2022-10-31 02:18 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description filip ambroz 2022-05-30 07:07:34 UTC
Cross-site Scripting (XSS) - Stored in GitHub repository go-gitea/gitea prior to 1.16.9.

Impact:
As the repo is public , any user can view the report and when open the attachment then xss is executed. This bug allow executed any javascript code in victim account.

Proof of Concept:
https://try.gitea.io/cokeBeer/test/src/branch/main/poc.pdf

Fix:
https://github.com/go-gitea/gitea/commit/65e0688a5c9dacad50e71024b7529fdf0e3c2e9c
Comment 1 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-05-30 22:33:28 UTC
XSS -> 4
Comment 2 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-07-18 16:15:16 UTC
Fix is in 1.16.9.
Comment 3 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-08-13 03:56:17 UTC
XSS requires user interaction, very low impact, so no GLSA.
Comment 4 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-10-21 17:24:39 UTC
We've got a bunch of Gitea bugs so we'll GLSA them all together.
Comment 5 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-10-21 17:27:34 UTC
GLSA request filed.
Comment 6 Larry the Git Cow gentoo-dev 2022-10-31 01:42:10 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=3f72d6f5794d0d3c914ffacdf4c915fd8aac8d89

commit 3f72d6f5794d0d3c914ffacdf4c915fd8aac8d89
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2022-10-31 01:10:13 +0000
Commit:     John Helmert III <ajak@gentoo.org>
CommitDate: 2022-10-31 01:40:14 +0000

    [ GLSA 202210-14 ] Gitea: Multiple Vulnerabilities
    
    Bug: https://bugs.gentoo.org/848465
    Bug: https://bugs.gentoo.org/857819
    Bug: https://bugs.gentoo.org/868996
    Bug: https://bugs.gentoo.org/877355
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: John Helmert III <ajak@gentoo.org>

 glsa-202210-14.xml | 48 ++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 48 insertions(+)
Comment 7 John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-10-31 02:18:57 UTC
GLSA released, all done!