Summary
Gogs Vulnerable to CSRF Leading to Organization Owner Takeover
References
Related vulnerabilities
- HIGH GHSA-V7J5-VC4M-723W
Budibase has an Account Impersonation Issue — Chat Identity Link Hijacking via Missing Consent & CSRF
- HIGH GHSA-V3F4-W7R7-V3HM
Uni-CLI: Legacy HTTP MCP transport accepted browser-originated localhost requests
- MEDIUM GHSA-MXJX-28VX-XJJJ
Network-AI: ApprovalInbox HTTP server has no authentication — anyone can approve pending agent actions
- HIGH GHSA-WV27-2VQP-J7G5
Gogs has the ability to import local repositories via Mirror Settings
- HIGH GHSA-P9F5-H3RX-J5QW
Gogs Missing Authorization in Attachment Download
- HIGH GHSA-JQ8V-RMF6-65JW
Gogs has Stored XSS in `.ipynb` Preview