Access control bypass in Beego · CVE-2021-30080 · GitHub Advisory Database · GitHub

Access control bypass in Beego

High severity GitHub Reviewed Published Apr 6, 2022 to the GitHub Advisory Database • Updated Feb 14, 2023

Package

github.com/beego/beego (Go)

Affected versions

<= 1.12.11

Patched versions

None

github.com/beego/beego/v2 (Go)

>= 2.0.0, < 2.0.3

2.0.3

Description

An issue was discovered in the route lookup process in beego through 2.0.1, allows attackers to bypass access control.

References

Published by the National Vulnerability Database

Apr 5, 2022

Published to the GitHub Advisory Database Apr 6, 2022

Reviewed Apr 7, 2022

Last updated Feb 14, 2023