cvedb.io
CVE-2022-1464
MEDIUM · CVSS 5.4
EPSS exploitation probability: 0%
Published 2022-05-05T14:15:08.010 · Last modified 2026-06-17T04:22:29.983

Summary

Stored xss bug in GitHub repository gogs/gogs prior to 0.12.7. As the repo is public , any user can view the report and when open the attachment then xss is executed. This bug allow executed any javascript code in victim account .

Affected products

gogs — gogs

Does this affect you?

Add your gear to cvedb and we'll alert you only when gogs ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.