CVE-2025-68946
Published
CVSS v3
5.4
MEDIUM
CVSS v2
N/A
Affected
1
PROJECT
Description
In Gitea before 1.20.1, a forbidden URL scheme such as javascript: can be used for a link, aka XSS.
Git with a cup of tea! Painless self-hosted all-in-one software development service, including Git hosting, code review, team collaboration, package registry and CI/CD
GitHub