CVE-2019-9047
GoRose v1.0.4 has SQL Injection when the order_by or group_by parameter can be controlled.
9.8CVSS
9.9AI Score
0.002EPSS