VDB

CVE-2025-68942

CVE-2025-68942 PUBLISHED

Gitea before 1.22.2 allows XSS because the search input box (for creating tags and branches) is v-html instead of v-text.

EPSS 0.01% · 0.8th percentile

Risk Scores

EPSS Score
0.01%
0.8th percentile

Affected Products

VendorProductVersions
Bitnamigitea0
Bitnamigitea0, 0

Timeline

  • Dec 26, 2025 CVE Published
  • Dec 26, 2025 EPSS Score
  • Dec 26, 2025 PoC Published
  • Dec 30, 2025 EPSS Score
  • Jan 2, 2026 EPSS Score
  • Jan 6, 2026 EPSS Score
  • Jan 9, 2026 EPSS Score
  • Jan 13, 2026 EPSS Score
  • Jan 17, 2026 EPSS Score
  • Jan 20, 2026 EPSS Score
  • Jan 24, 2026 EPSS Score
  • Jan 28, 2026 EPSS Score
Open in Interactive Console →
$ Console Community · 100/wk Open console ›