CVE-2026-52807 | Gogs up to 0.14.2 new_form.tmpl set.text cross site scripting (GHSA-vcm5-gvmp-78mp)
A vulnerability marked as problematic has been reported in Gogs up to 0.14.2. The affected element is the function set.text of the file new_form.tmpl. The manipulation leads to cross site scripting.
This vulnerability is listed as CVE-2026-52807. The attack may be initiated remotely. There is no available exploit.
It is suggested to upgrade the affected component.VulDB Recent EntriesRead More