2018-09-03 21:29:01 2018-11-06 16:06:56

In Gogs 0.11.53, an attacker can use migrate to send arbitrary HTTP GET requests, leading to SSRF.

Vector

NETWORK

Complexity

LOW

Authentication

NONE

Confidentiality

PARTIAL

Integrity

NONE

Availability

NONE
Advisory Patch Confirmed Link
https://github.com/gogs/gogs/issues/5372