blob: 41a308cadc7d247272d84c14d43872549f1fd41d [file] [log] [blame]
module: github.com/gogits/gogs
versions:
- fixed: v0.5.8
description: |
Due to improper santization of user input, a number of methods are
vulnerable to SQL injection if used with user input that has not
been santized by the caller.
published: 2021-04-14T12:00:00Z
cve: CVE-2014-8681
credit: Pascal Turbing and Jiahua (Joe) Chen
symbols:
- GetIssues
- SearchRepositoryByName
- SearchUserByName
links:
commit: https://github.com/gogs/gogs/commit/83283bca4cb4e0f4ec48a28af680f0d88db3d2c8
context:
- https://seclists.org/fulldisclosure/2014/Nov/31