[code.gitea.io/gitea] Stored Cross-site Scripting in gitea

Cross-site Scripting (XSS) – Stored in GitHub repository go-gitea/gitea prior to 1.16.9 via unfiltered pdfs

References

• https://nvd.nist.gov/vuln/detail/CVE-2022-1928
• https://github.com/go-gitea/gitea/commit/65e0688a5c9dacad50e71024b7529fdf0e3c2e9c
• https://huntr.dev/bounties/6336ec42-5c4d-4f61-ae38-2bb539f433d2
• https://github.com/advisories/GHSA-ph3w-2843-72mx