Medium severity6.1NVD Advisory· Published May 13, 2019· Updated Jun 17, 2026
CVE-2019-12047
CVE-2019-12047
Description
Gridea v0.8.0 has an XSS vulnerability through which the Nodejs module can be called to achieve arbitrary code execution, as demonstrated by child_process.exec and the "<img src=# onerror='eval(new Buffer(" substring.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Gridea/Grideadescription
Patches
Vulnerability mechanics
References
1- github.com/getgridea/gridea/issues/105nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.