Skip to content

dannyEndorTest/gin-vulnerable

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
uploads
uploads
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
go.sum
go.sum
 
 
main.go
main.go
 
 

Repository files navigation

gin-vulnerable

Demo consumer pinned to github.com/gin-gonic/gin v1.7.0 (vulnerable to CVE-2023-29401). The /download/:filename handler passes user input directly to Context.FileAttachment — the exploit-condition pattern Endor flags as exploitable.

About

Demo consumer for gin v1.7.0 (CVE-2023-29401) — Context.FileAttachment with user input. endorctl scan target.

Resources

Readme
Activity
Custom properties

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages