CVE-2014-8681

2014-11-21T15:59:00
ID CVE-2014-8681
Type cve
Reporter cve@mitre.org
Modified 2017-09-08T01:29:00

Description

SQL injection vulnerability in the GetIssues function in models/issue.go in Gogs (aka Go Git Service) 0.3.1-9 through 0.5.6.x before 0.5.6.1025 Beta allows remote attackers to execute arbitrary SQL commands via the label parameter to user/repos/issues.