github.com/gin-gonic/gin is vulnerable to Cache Poisoning. The vulnerability exists in the redirectTrailingSlash
function of gin.go
as it does not properly escape special characters in the header, which allows an attacker to inject a malicious payload via the X-Forwarded-Prefix
header.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/gin-gonic/gin | le | v1.8.2 | |
github.com/gin-gonic/gin | le | v1.8.2 |