gogs.io/gogs is vulnerable to path traversal. The vulnerability exists in Clean
function in pathutil.go
due to lack of validations which allows a malicious attacker to delete and upload arbitrary files.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/gogs/gogs | le | v0.12.8 | |
github.com/gogs/gogs | le | v0.12.8 |