Due to improper HTTP header sanitization, a malicious user can spoof their source IP address by setting the X-Forwarded-For header. This may allow a user to bypass IP based restrictions, or obfuscate their true source.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/gin-gonic/gin | lt | 1.7.7 |
github.com/gin-gonic/gin/commit/03e5e05ae089bc989f1ca41841f05504d29e3fd9
github.com/gin-gonic/gin/commit/5929d521715610c9dd14898ebbe1d188d5de8937
github.com/gin-gonic/gin/commit/bfc8ca285eb46dad60e037d57c545cd260636711
github.com/gin-gonic/gin/issues/2232
github.com/gin-gonic/gin/issues/2473
github.com/gin-gonic/gin/issues/2862
github.com/gin-gonic/gin/pull/2474
github.com/gin-gonic/gin/pull/2632
github.com/gin-gonic/gin/pull/2675
github.com/gin-gonic/gin/pull/2844