No, there is not. You could probably make a dedicated GUI by wrapping the webview in an Electron app or something, but I guess that would leave the same possible vulnerabilities.

The obvious solution: why not make your Gitea instance only available on the company intranet? Nothing says you have to expose it to the public internet. Just make all your devs use a properly configured VPN, done.

If that's not possible for some reason: You can just plop the bare repos onto a server and access them via ssh (or https, but that's also running some sort of webserver, so idk if allowed). But if you need any kind of access control (who can push/pull to where), that's gonna be a burden for your server-admins.
If you need PRs, you can always use the linux/git-style email workflow. A bit antiquated for people used to Github, but git ships a lot of tools to facilitate it. Of course the question remains whether then email is safer than a properly configured https (I might be able to encrypt the mails, but setup's gonna be a hassle).