Is CVE-2021-28378 actively exploited?

CVE-2021-28378 has no public evidence of in-the-wild exploitation as of 2024-11-21.

What is the CVSS score for CVE-2021-28378?

CVE-2021-28378 has a CVSS score of 3.7 (LOW severity). Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:L/I:L/A:N.

Patch guidance is available from gitea security advisories. CVEDatabase generates AI-assisted remediation guidance on demand for CVE-2021-28378.

2 products: gitea gitea, gitea gitea.

Gitea 1.12.x and 1.13.x before 1.13.4 allows XSS via certain issue data in some situations.

Primary Vendor: GITEA
Published: 3/15/2021
Last Modified: 11/21/2024
Source: NIST NVD
Note: Verify all details with official vendor sources before applying patches.