QID 980497

QID 980497: Go (go) Security Update for github.com/beego/beego/v2 (GHSA-c77f-4rgj-jfr4)

Cross Site Scripting (XSS) vulnerability exists in the admin panel in Beego v2.0.1 via the URI path in an HTTP request, which is activated by administrators viewing the "Request Statistics" page.

Successful exploitation of this vulnerability may affect the confidentiality, integrity, and availability of the targeted user.

  • CVSS V3 rated as High - 6.1 severity.
  • CVSS V2 rated as Medium - 4.3 severity.
  • Solution
    Customers are advised to refer to GHSA-c77f-4rgj-jfr4 for updates pertaining to this vulnerability.
    Vendor References

    CVEs related to QID 980497

    Software Advisories
    Advisory ID Software Component Link
    GHSA-c77f-4rgj-jfr4 github.com/beego/beego/v2 URL Logo github.com/advisories/GHSA-c77f-4rgj-jfr4