PT-2022-9950 · Beego · Beego
Published: 2022-04-05 · Updated: 2024-05-14 · CVE-2021-30080
CVSS v3.1: 9.8 (Critical)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions
beego versions prior to 1.12.11
beego versions through 2.0.1
Description
An issue was discovered in the route lookup process in beego that allows attackers to bypass access control.
Recommendations
For versions prior to 1.12.11, update to version 1.12.11 or later.
For versions through 2.0.1, update to a version later than 2.0.1.
As a temporary workaround, consider restricting access to sensitive routes to minimize the risk of exploitation.
Fix
Related Identifiers
Affected Products
Beego