2025-12-26 02:03:59
mitre
PUBLISHED
Gitea before 1.23.0 allows attackers to add attachments with forbidden file extensions by editing an attachment name via an attachment API.