CVE-2020-28483

Name of the Vulnerable Software and Affected Versions: github.com/gin-gonic/gin versions prior to 1.7.7

Description: The issue allows a client's IP to be spoofed by setting the X-Forwarded-For header when the gin package is exposed directly to the internet. This is due to improper HTTP header sanitization, which may enable a user to bypass IP-based restrictions or obfuscate their true source.

Recommendations: For versions prior to 1.7.7, update to version 1.7.7 or later to resolve the issue. As a temporary workaround, consider restricting access to the X-Forwarded-For header to minimize the risk of IP spoofing.