CVE-2023-3515

CVSS 3.1 Score 4.4 of 10 (medium)

Details

Published Jul 5, 2023
Updated: Dec 23, 2023
CWE ID 601

Summary

CVE-2023-3515 is a vulnerability that affects the GitHub repository go-gitea/gitea prior to version 1.19.4. It is categorized as an Open Redirect vulnerability, with a base severity of MEDIUM and a base score of 4.4 according to NVD. The vulnerability can be exploited remotely and requires low privileges, with user interaction being required. The impact on integrity and confidentiality is low, while the attack complexity is high. There have been 153 reported hits for this vulnerability. The affected products include various versions of ZGNLIy, d5kEmX, d5kEmW, and d5kEmV, among others. To remediate this vulnerability, organizations should update their go-gitea/gitea installations to version 1.19.4 or later. This vulnerability poses a potential danger to organizations as it can be exploited to redirect users to malicious websites, leading to potential data breaches or other security incidents.

Share

Explore Beyond the CVE Basics with Recorded Future's Vulnerability Intelligence

Note: This is just a basic overview providing quick insights into CVE-2023-3515 information. Gain full access to comprehensive CVE data, risk scores, prioritization, and mitigation data through Recorded Future's Vulnerability Intelligence:
  • Prioritize with Risk-Based Scoring
  • Explore the Extensive Vulnerability Database
  • Receive Early Alerts on Emerging CVEs
  • Focus on Critical Exploitable Vulnerabilities
  • Streamline Remediation with Integration Options