pkg:Go/github.com/casdoor/casdoor

20 total CVEsCRITICAL2HIGH10MEDIUM5LOW3

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.1CVE-2022-38638Casdoor arbitrary file write vulnerability in github.com/casdoor/casdoor
    from 0, < 1.103.1
  • CRITICAL9.1CVE-2022-38638Casdoor arbitrary file write vulnerability in github.com/casdoor/casdoor
    from 0, < 1.103.1
  • HIGH8.1CVE-2024-41657Casdoor CORS misconfiguration (GHSL-2024-035) in github.com/casdoor/casdoor
    from 0, <= 1.557.0
  • HIGH8.1CVE-2024-41657Casdoor CORS misconfiguration (GHSL-2024-035) in github.com/casdoor/casdoor
    from 0
  • HIGH8.1CVE-2022-44942Casdoor arbitrary file deletion vulnerability via uploadFile function in github.com/casdoor/casdoor
    from 0, < 1.126.1
  • HIGH8.1CVE-2022-44942Casdoor arbitrary file deletion vulnerability via uploadFile function in github.com/casdoor/casdoor
    from 0, < 1.126.1
  • HIGH7.5CVE-2022-24124SQL Injection in Casdoor in github.com/casdoor/casdoor
    from 0, < 1.13.1
  • HIGH7.5CVE-2022-24124SQL Injection in Casdoor in github.com/casdoor/casdoor
    from 0, < 1.13.1
  • HIGH7.3CVE-2025-4210Casdoor SCIM User Creation Endpoint scim.go HandleScim authorization in github.com/casdoor/casdoor
    from 0
  • HIGH7.3CVE-2025-4210Casdoor SCIM User Creation Endpoint scim.go HandleScim authorization in github.com/casdoor/casdoor
    from 0, < 1.812.0
  • HIGH7.2CVE-2025-61524Casdoor is vulnerable to Improper Authorization in github.com/casdoor/casdoor
    from 0
  • HIGH7.2CVE-2025-61524Casdoor is vulnerable to Improper Authorization in github.com/casdoor/casdoor
    from 0, < 2.63.0
  • MEDIUM6.5CVE-2023-34927Casdoor Cross-Site Request Forgery vulnerability
    from 0, <= 1.331.0
  • MEDIUM6.1CVE-2024-41658Casdoor has reflected XSS in QrCodePage.js (GHSL-2024-036) in github.com/casdoor/casdoor
    from 0, <= 1.577.0
  • MEDIUM6.1CVE-2024-41658Casdoor has reflected XSS in QrCodePage.js (GHSL-2024-036) in github.com/casdoor/casdoor
    from 0
  • MEDIUM4.7CVE-2026-5469Casdoor vulnerable to SSRF via crafted Webhook URL
    from 0, <= 1.1000.0
  • MEDIUM4.3CVE-2026-5467Casdoor vulnerable to Open Redirect
    from 0, <= 1.1000.0
  • LOW3.7CVE-2024-41264casdoor's use of`ssh.InsecureIgnoreHostKey()` disables host key verification in github.com/casdoor/casdoor
    >= 1.541.0, <= 1.636.0
  • LOW3.7CVE-2024-41264casdoor's use of`ssh.InsecureIgnoreHostKey()` disables host key verification in github.com/casdoor/casdoor
    >= 1.541.0
  • LOW3.5CVE-2026-5468Casdoor vulnerable to Stored XSS via Application formCss / formSideHtml
    from 0, <= 1.1000.0