Gogs 操作系统命令注入漏洞

Gogs Go Git Service is a Go-based self-service Git hosting service from the GOGS team that supports creating and migrating public/private repositories, adding and removing repository collaborators, and more. An operating system command injection vulnerability exists in Gogs versions prior to...

PT-2022-13166 · Gogs · Gogs

Name of the Vulnerable Software and Affected Versions: gogs versions prior to 0.12.6 Description: The issue allows a malicious user to upload a crafted config file into a repository's .git directory to gain SSH access to the server. This affects all installations with repository upload enabled,...