VDB
CVE-2025-68946
CVE-2025-68946
PUBLISHED
In Gitea before 1.20.1, a forbidden URL scheme such as javascript: can be used for a link, aka XSS.
EPSS 0.01% · 0.5th percentile
Risk Scores
EPSS Score
0.01%
0.5th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Bitnami | gitea | 0 |
| Bitnami | gitea | 0, 0 |
Timeline
- Dec 26, 2025 CVE Published
- Dec 26, 2025 EPSS Score
- Dec 30, 2025 EPSS Score
- Jan 2, 2026 EPSS Score
- Jan 6, 2026 EPSS Score
- Jan 9, 2026 EPSS Score
- Jan 13, 2026 EPSS Score
- Jan 17, 2026 EPSS Score
- Jan 20, 2026 EPSS Score
- Jan 24, 2026 EPSS Score
- Jan 27, 2026 EPSS Score
- Jan 31, 2026 EPSS Score