Vulnerabilities in GOGS: remote code execution
3 posts by 2 authors in: Forums > CMS Builder
Last Post: March 23, 2022 (RSS)
By yusuketaga - March 23, 2022
Hi
My client sent me a security report and it says “Vulnerabilities in GOGS: remote code executed” in his web site running CMSB.
Since I have difficulty understanding “GOGS”, I decided to make this post.
Does CMSB use GOGS? or does CMSB anything to do w/ it?
If it uses GOGS, can it be removed?
Please help.
By Dave - March 23, 2022
Hi yusuketaga,
There's an open-source self-hosted git repository called gogs that has had some remote code execution issues in the past. You might see if you have that installed and ask your host to update it and/or remove it if you're not using it. It's not related to CMSB at all or anything we've ever used.
Links:
Hope that helps!
interactivetools.com
By yusuketaga - March 23, 2022
Hi Dave,
Thank you so much for your quick answer.
I am very happy that it's all clear for me now.
Thank You!