SSRF Vulnerability in Gogs 0.11.53 Allows Arbitrary HTTP GET Requests via Migrate Endpoint

SSRF Vulnerability in Gogs 0.11.53 Allows Arbitrary HTTP GET Requests via Migrate Endpoint

CVE-2018-16409 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

In Gogs 0.11.53, an attacker can use migrate to send arbitrary HTTP GET requests, leading to SSRF.

Learn more about our Web Application Penetration Testing UK.