CVE-2025-68939
π΄ HIGHGitea before 1.23.0 allows attackers to add attachments with forbidden file extensions by editing an attachment name via an attachment API.
Description
Request Expert ReviewGitea before 1.23.0 allows attackers to add attachments with forbidden file extensions by editing an attachment name via an attachment API.
CVSS Scores
References
Additional Information
- Source
- cve@mitre.org
- State
- Undergoing analysis
Related CVEs
CVE-2026-0837
HIGHA vulnerability was identified in UTT θΏε 520W 1.7.7-180627. This affects the function strcpy of the file /goform/formFireWall. Such manipulation of...
CVE-2026-0836
HIGHA vulnerability was determined in UTT θΏε 520W 1.7.7-180627. The impacted element is the function strcpy of the file /goform/formConfigFastDirectionW...
CVE-2025-15505
LOWA vulnerability was found in Luxul XWR-600 up to 4.0.1. The affected element is an unknown function of the component Web Administration Interface. The...
CVE-2026-0824
LOWA security flaw has been discovered in questdb ui up to 1.11.9. Impacted is an unknown function of the component Web Console. The manipulation results...
CVE-2026-0822
MEDIUMA vulnerability was identified in quickjs-ng quickjs up to 0.11.0. This issue affects the function js_typed_array_sort of the file quickjs.c. The mani...
CVE-2025-13393
MEDIUMThe Featured Image from URL (FIFU) plugin for WordPress is vulnerable to Server-Side Request Forgery in all versions up to, and including, 5.3.1. This...
Share CVE-2025-68939
Share on Social Media
Copy Link
Embed Code
Request Expert Analysis
Request a professional security analysis for CVE-2025-68939 from our verified experts.
Credits System
Use your credits to get expert analysis from verified security professionals. Purchase more credits anytime!