pkg:Go/github.com/casdoor/casdoor

All known vulnerabilities

• CRITICAL9.1CVE-2022-38638Casdoor arbitrary file write vulnerability in github.com/casdoor/casdoor
  from 0, < 1.103.1
• CRITICAL9.1CVE-2022-38638Casdoor arbitrary file write vulnerability in github.com/casdoor/casdoor
  from 0, < 1.103.1
• HIGH8.1Casdoor CORS misconfiguration (GHSL-2024-035) in github.com/casdoor/casdoor
  from 0, <= 1.557.0
• HIGH8.1Casdoor CORS misconfiguration (GHSL-2024-035) in github.com/casdoor/casdoor
  from 0
• HIGH8.1Casdoor arbitrary file deletion vulnerability via uploadFile function in github.com/casdoor/casdoor
  from 0, < 1.126.1
• HIGH8.1Casdoor arbitrary file deletion vulnerability via uploadFile function in github.com/casdoor/casdoor
  from 0, < 1.126.1
• HIGH7.5SQL Injection in Casdoor in github.com/casdoor/casdoor
  from 0, < 1.13.1
• HIGH7.5SQL Injection in Casdoor in github.com/casdoor/casdoor
  from 0, < 1.13.1
• HIGH7.3Casdoor SCIM User Creation Endpoint scim.go HandleScim authorization in github.com/casdoor/casdoor
  from 0
• HIGH7.3Casdoor SCIM User Creation Endpoint scim.go HandleScim authorization in github.com/casdoor/casdoor
  from 0, < 1.812.0
• HIGH7.2Casdoor is vulnerable to Improper Authorization in github.com/casdoor/casdoor
  from 0
• HIGH7.2Casdoor is vulnerable to Improper Authorization in github.com/casdoor/casdoor
  from 0, < 2.63.0
• MEDIUM6.5Casdoor Cross-Site Request Forgery vulnerability
  from 0, <= 1.331.0
• MEDIUM6.1Casdoor has reflected XSS in QrCodePage.js (GHSL-2024-036) in github.com/casdoor/casdoor
  from 0, <= 1.577.0
• MEDIUM6.1Casdoor has reflected XSS in QrCodePage.js (GHSL-2024-036) in github.com/casdoor/casdoor
  from 0
• MEDIUM4.7Casdoor vulnerable to SSRF via crafted Webhook URL
  from 0, <= 1.1000.0
• MEDIUM4.3Casdoor vulnerable to Open Redirect
  from 0, <= 1.1000.0
• LOW3.7casdoor's use of`ssh.InsecureIgnoreHostKey()` disables host key verification in github.com/casdoor/casdoor
  >= 1.541.0, <= 1.636.0
• LOW3.7casdoor's use of`ssh.InsecureIgnoreHostKey()` disables host key verification in github.com/casdoor/casdoor
  >= 1.541.0
• LOW3.5Casdoor vulnerable to Stored XSS via Application formCss / formSideHtml
  from 0, <= 1.1000.0