New Gogs 0-Day Vulnerability Lets Attackers Run Malicious Code on the Server Remotely

A critical zero-day vulnerability has been discovered in Gogs, one of the most widely deployed self-hosted Git platforms in the world, allowing any authenticated user to execute arbitrary commands on the underlying server with no patch available at the time of publication. Rapid7 Labs researcher Jonah Burgess (CryptoCat) identified the flaw, tracked as a CWE-88 […] The post New Gogs 0-Day Vulnerability Lets Attackers Run Malicious Code on the Server Remotely appeared first on Cyber Security News.