XSS in Gogs

CVE-2022-32174

In Gogs, versions v0.6.5 through v0.12.10 are vulnerable to Stored Cross-Site Scripting (XSS) that leads to an account takeover.

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.580 (99.0th percentile) — read the EPSS interpretation.