CVE-2018-17031 – In Gogs 0.11.53, an attacker can use a crafted .eml file to trigger MIME type sniffing, wh …

0

Vuln ID: CVE-2018-17031

Published:  2018-09-14  02:29:00Z

Description: In Gogs 0.11.53, an attacker can use a crafted .eml file to trigger MIME type sniffing, which leads to XSS, as demonstrated by Internet Explorer, because an "X-Content-Type-Options: nosniff" header is not sent.

Source: NVD.NIST.GOV