Server-Side Request Forgery Vulnerability in Gitea by Gitea
CVE-2021-45327
9.8CRITICAL
What is CVE-2021-45327?
Gitea versions before 1.11.2 are vulnerable to a flaw that allows remote attackers to exploit trusting HTTP permission methods on the server side. This vulnerability affects the admin and user API, potentially enabling an attacker to execute arbitrary code remotely. As a result, unauthorized access to sensitive operations could be achieved, compromising the integrity of the system and its data.
