blob: db2c820691ab6332d4da056b7e196095eb47ff49 [file] [log] [blame]
id: GO-2024-2559
modules:
- module: github.com/greenpau/caddy-security
unsupported_versions:
- last_affected: 1.1.23
vulnerable_at: 1.1.29
summary: Cross-site Scripting in github.com/greenpau/caddy-security
cves:
- CVE-2024-21496
ghsas:
- GHSA-ff72-ff42-c3gw
references:
- advisory: https://github.com/advisories/GHSA-ff72-ff42-c3gw
- advisory: https://nvd.nist.gov/vuln/detail/CVE-2024-21496
- report: https://github.com/greenpau/caddy-security/issues/267
- web: https://blog.trailofbits.com/2023/09/18/security-flaws-in-an-sso-plugin-for-caddy
- web: https://security.snyk.io/vuln/SNYK-GOLANG-GITHUBCOMGREENPAUCADDYSECURITY-6249860
source:
id: GHSA-ff72-ff42-c3gw
created: 2024-06-14T11:41:53.201238-04:00
review_status: UNREVIEWED
unexcluded: EFFECTIVELY_PRIVATE