Persistent Session Vulnerability in Gitea through 1.15.7
CVE-2021-45330 · CRITICAL Severity
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
An issue exsits in Gitea through 1.15.7, which could let a malicious user gain privileges due to client side cookies not being deleted and the session remains valid on the server side for reuse.
Learn more about our Cis Benchmark Audit For Server Software.