Vulnerability Database

Published: Apr 15, 2019
Updated: Nov 9, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2019-11228" target="_blank" rel="noopener"> CVE-2019-11228
GHSA: <a href="https://github.com/advisories/GHSA-q47x-6mqq-4w92" target="_blank" rel="noopener"> GHSA-q47x-6mqq-4w92
Severity: Medium
Exploit:

309,237

Total vulnerabilities in the database

repo/setting.go in Gitea before 1.7.6 and 1.8.x before 1.8-RC3 does not validate the form.MirrorAddress before calling SaveAddress.

CVSS v2:

CWEs:

Software	From	Fixed in
gitea / gitea	1.8.0-rc1	1.8.0-rc1.x
gitea / gitea	1.8.0-rc2	1.8.0-rc2.x
gitea / gitea	-	1.7.6
github.com/go-gitea/gitea/models	-	1.7.6

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.