CVE-2018-18926

Publication date

2018-11-04 06:00:00

Family

mitre

State

PUBLISHED

Description

Gitea before 1.5.4 allows remote code execution because it does not properly validate session IDs. This is related to session ID handling in the go-macaron/session code for Macaron.