FKIE_CVE-2026-20750

Vulnerability from fkie_nvd - Published: 2026-01-22 22:16 - Updated: 2026-01-29 21:48
Severity ?
9.1 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
Summary
Gitea does not properly validate project ownership in organization project operations. A user with project write access in one organization may be able to modify projects belonging to a different organization.
References
88ee5874-cf24-4952-aea0-31affedb7ff2https://blog.gitea.com/release-of-1.25.4/Release Notes
88ee5874-cf24-4952-aea0-31affedb7ff2https://github.com/go-gitea/gitea/pull/36318Issue Tracking, Patch
88ee5874-cf24-4952-aea0-31affedb7ff2https://github.com/go-gitea/gitea/pull/36373Issue Tracking, Patch
88ee5874-cf24-4952-aea0-31affedb7ff2https://github.com/go-gitea/gitea/releases/tag/v1.25.4Release Notes
88ee5874-cf24-4952-aea0-31affedb7ff2https://github.com/go-gitea/gitea/security/advisories/GHSA-h4fh-pc4w-8w27Broken Link
Impacted products
Vendor Product Version
gitea gitea *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:gitea:gitea:*:*:*:*:*:-:*:*",
              "matchCriteriaId": "DFCB7D74-331D-4582-AB41-113A25BE8FAA",
              "versionEndExcluding": "1.25.4",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Gitea does not properly validate project ownership in organization project operations. A user with project write access in one organization may be able to modify projects belonging to a different organization."
    },
    {
      "lang": "es",
      "value": "Gitea no valida correctamente la titularidad de los proyectos en las operaciones de proyectos de la organizaci\u00f3n. Un usuario con permisos de escritura en proyectos de una organizaci\u00f3n podr\u00eda modificar proyectos pertenecientes a una organizaci\u00f3n diferente."
    }
  ],
  "id": "CVE-2026-20750",
  "lastModified": "2026-01-29T21:48:07.563",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 9.1,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.2,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2026-01-22T22:16:17.370",
  "references": [
    {
      "source": "88ee5874-cf24-4952-aea0-31affedb7ff2",
      "tags": [
        "Release Notes"
      ],
      "url": "https://blog.gitea.com/release-of-1.25.4/"
    },
    {
      "source": "88ee5874-cf24-4952-aea0-31affedb7ff2",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/go-gitea/gitea/pull/36318"
    },
    {
      "source": "88ee5874-cf24-4952-aea0-31affedb7ff2",
      "tags": [
        "Issue Tracking",
        "Patch"
      ],
      "url": "https://github.com/go-gitea/gitea/pull/36373"
    },
    {
      "source": "88ee5874-cf24-4952-aea0-31affedb7ff2",
      "tags": [
        "Release Notes"
      ],
      "url": "https://github.com/go-gitea/gitea/releases/tag/v1.25.4"
    },
    {
      "source": "88ee5874-cf24-4952-aea0-31affedb7ff2",
      "tags": [
        "Broken Link"
      ],
      "url": "https://github.com/go-gitea/gitea/security/advisories/GHSA-h4fh-pc4w-8w27"
    }
  ],
  "sourceIdentifier": "88ee5874-cf24-4952-aea0-31affedb7ff2",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-284"
        }
      ],
      "source": "88ee5874-cf24-4952-aea0-31affedb7ff2",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.