GHSA-v8f2-2ghq-9whvHighCVSS 7.5
Gitea versions before 1.25.5 accept malformed or injected forwarded-proto values when detecting...
🔗 CVE IDs covered (1)
📋 Description
Gitea versions before 1.25.5 accept malformed or injected forwarded-proto values when detecting public URLs, allowing spoofed canonical URL generation.