In Forgejo before 1.20.5-1, certain endpoints do not check whether an object belongs to a repository for which permissions are being checked. Rated critical severity (CVSS 9.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
Authentication Bypass
Forgejo
NVD
GitHub
CVSS 3.1
9.1
EPSS
0.9%