SQL Injection Vulnerability in Gogs (Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta

SQL Injection Vulnerability in Gogs (Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta

CVE-2014-8681 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta allows remote attackers to execute arbitrary SQL commands via the label parameter to user/repos/issues.

Learn more about our User Device Pen Test.