{"id":"GHSA-36h2-95gj-w488","summary":"Open redirect in Gitea","details":"Gitea before 1.4.3 is affected by URL Redirection to Untrusted Site ('Open Redirect') via internal URLs.","aliases":["BIT-gitea-2021-45328","CVE-2021-45328","GO-2022-0579"],"modified":"2024-08-21T15:41:49.175200Z","published":"2022-02-09T00:00:28Z","database_specific":{"github_reviewed":true,"nvd_published_at":"2022-02-08T16:15:00Z","cwe_ids":["CWE-601"],"severity":"MODERATE","github_reviewed_at":"2022-02-14T23:00:49Z"},"references":[{"type":"ADVISORY","url":"https://nvd.nist.gov/vuln/detail/CVE-2021-45328"},{"type":"WEB","url":"https://github.com/go-gitea/gitea/issues/4332"},{"type":"WEB","url":"https://blog.gitea.io/2018/06/release-of-1.4.3"},{"type":"PACKAGE","url":"https://github.com/go-gitea/gitea"}],"affected":[{"package":{"name":"github.com/go-gitea/gitea","ecosystem":"Go","purl":"pkg:golang/github.com/go-gitea/gitea"},"ranges":[{"type":"SEMVER","events":[{"introduced":"0"},{"fixed":"1.4.3"}]}],"database_specific":{"source":"https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2022/02/GHSA-36h2-95gj-w488/GHSA-36h2-95gj-w488.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}