SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 up to and including 0.5.6.x prior to 0.5.6.1025 Beta allows remote malicious users to execute arbitrary SQL commands via the label parameter to user/repos/issues.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
gogits gogs 0.4.1 |
||
gogits gogs 0.4.2 |
||
gogits gogs 0.5.0 |
||
gogits gogs 0.5.2 |
||
gogits gogs |
||
gogits gogs 0.3.1-9 |