blob: 5f6a1b8c73c29397e67667405b03e68f3a901518 [file] [log] [blame]
module: gopkg.in/macaron.v1
versions:
- fixed: v1.3.7
description: |
Due to improper request santization, a specifically crafted URL
can cause the static file handler to redirect to an attacker chosen
URL, allowing for open redirect attacks.
published: 2021-04-14T12:00:00Z
cve: CVE-2020-12666
credit: "@ev0A"
symbols:
- staticHandler
links:
pr: https://github.com/go-macaron/macaron/pull/199
commit: https://github.com/go-macaron/macaron/commit/addc7461c3a90a040e79aa75bfd245107a210245
context:
- https://github.com/go-macaron/macaron/issues/198