Description
Gitea versions before 1.25.5 do not consistently enforce OAuth2 authorization code expiry and single-use behavior during token exchange.
Problem types
Authentication Bypass by Capture-replay
Product status
Any version before 1.25.5
Credits
sammiee5311
References
github.com/go-gitea/gitea/pull/36797 (GitHub Pull Request #36797)
github.com/go-gitea/gitea/pull/36851 (GitHub Pull Request #36851)
github.com/go-gitea/gitea/releases/tag/v1.25.5 (Gitea v1.25.5 Release)
blog.gitea.com/release-of-1.25.5/ (Gitea v1.25.5 Release Blog Post)