blob: 0cee665980e3291dd347f63ffacdcf3fc9b3f4ec [file] [log] [blame]
module: github.com/gogits/gogs
versions:
- fixed: v0.5.8
description: |
Due to improper santization of user input, a number of methods are
vulnerable to SQL injection if used with user input that has not
been santized by the caller.
published: 2021-04-14T20:04:52Z
cves:
- CVE-2014-8681
ghsas:
- GHSA-mr6h-chqp-p9g2
credit: Pascal Turbing and Jiahua (Joe) Chen
symbols:
- GetIssues
- SearchRepositoryByName
- SearchUserByName
links:
commit: https://github.com/gogs/gogs/commit/83283bca4cb4e0f4ec48a28af680f0d88db3d2c8
context:
- https://seclists.org/fulldisclosure/2014/Nov/31