github.com/casdoor/casdoor is vulnerable to sql injection. An attacker can inject and execute malicious input through the GetSession
function of adapter.go
as it does not properly filter the user input field
and value
parameters.
CPE | Name | Operator | Version |
---|---|---|---|
github.com/casdoor/casdoor | le | v1.13.0 | |
github.com/casdoor/casdoor | le | v1.13.0 |