Home Packages KEV Critical Insights Jobs Pricing

Loading…

Data from OSV.dev, CISA KEV, and FIRST EPSS.Sync status GitHub

CVE-2014-8683 — Cross-site Scripting in Gogs in gogs.io/gogs · VulnScope

CVE-2014-8683

Cross-site Scripting in Gogs in gogs.io/gogs

EPSS 0.30%

Description

Cross-site Scripting in Gogs in gogs.io/gogs

How to fix CVE-2014-8683

To remediate CVE-2014-8683, upgrade the affected package to a fixed version below.

Go/gogs.io/gogs—upgrade to 0.5.8 or later
Go/gogs.io/gogs—upgrade to 0.5.8 or later

Is CVE-2014-8683 being exploited?

Low — EPSS is 0.3%, meaning exploitation activity has not been observed at scale.

Affected packages (2)

>= 0.3.1, < 0.5.8
>= 0.3.1, < 0.5.8

References (10)

ADVISORYgithub.com/advisories/GHSA-9hx4-qm7h-x84j
ADVISORYnvd.nist.gov/vuln/detail/CVE-2014-8683
WEBexchange.xforce.ibmcloud.com/vulnerabilities/98693
WEBgithub.com/gogits/gogs/commit/3abc41cccab2486012b46305827433ad6f5deade

Metadata

Published: 6/29/2021
Modified: 3/3/2026

Also known as:

GHSA-9hx4-qm7h-x84jghsa
GO-2022-0642goadvisory

WEB

github.com/gogits/gogs/releases/tag/v0.5.8

WEBgogs.io/docs/intro/change_log.html

WEBpacketstormsecurity.com/files/129118/Gogs-Markdown-Renderer-Cross-Site-Scripting.html

WEBseclists.org/fulldisclosure/2014/Nov/31

WEBseclists.org/fulldisclosure/2014/Nov/34

WEBwww.securityfocus.com/archive/1/533996/100/0/threaded

Go/gogs.io/gogs

Go/gogs.io/gogs