pkg:Go/github.com/forceu/gokapi

All known vulnerabilities

• HIGH8.7CVE-2026-28683Gokapi has Stored XSS in SVG Hotlinks in github.com/forceu/gokapi
  from 0
• HIGH8.7CVE-2026-28683Gokapi has Stored XSS in SVG Hotlinks in github.com/forceu/gokapi
  from 0, < 2.2.3
• MEDIUM6.5CVE-2026-30955Gokapi vulnerable to DoS in E2E Metadata Parser in github.com/forceu/gokapi
  from 0, < 2.2.4
• MEDIUM6.5Gokapi vulnerable to DoS in E2E Metadata Parser in github.com/forceu/gokapi
  from 0
• MEDIUM6.4Gokapi has Data Leak in Upload Status Stream in github.com/forceu/gokapi
  from 0
• MEDIUM6.4Gokapi has Data Leak in Upload Status Stream in github.com/forceu/gokapi
  from 0, < 2.2.3
• MEDIUM5.4Gokapi has privilege escalation via incomplete API-key permission revocation on user rank demotion in github.com/forceu/gokapi
  from 0
• MEDIUM5.4Gokapi has privilege escalation via incomplete API-key permission revocation on user rank demotion in github.com/forceu/gokapi
  from 0, < 2.2.3
• MEDIUM5.4Gokapi has stored XSS vulnerability in friendly name for API keys in github.com/forceu/gokapi
  from 0
• MEDIUM5.4Gokapi has stored XSS vulnerability in friendly name for API keys in github.com/forceu/gokapi
  >= 1.0.1, <= 1.9.6
• MEDIUM5.0Gokapi has privilege escalation with auth token in github.com/forceu/gokapi
  from 0, < 2.2.3
• MEDIUM5.0Gokapi has privilege escalation with auth token in github.com/forceu/gokapi
  from 0
• MEDIUM4.6Gokapi has CSRF in Login Endpoint in github.com/forceu/gokapi
  from 0, < 2.2.3
• MEDIUM4.6Gokapi has CSRF in Login Endpoint in github.com/forceu/gokapi
  from 0
• MEDIUM4.3Gokapi's File Request MaxSize Limit Bypassed via Multi-Chunk Upload in github.com/forceu/gokapi
  from 0, < 2.2.4
• MEDIUM4.3Gokapi's File Request MaxSize Limit Bypassed via Multi-Chunk Upload in github.com/forceu/gokapi
  from 0
• MEDIUM4.1Gokapi vulnerable to Privilege Escalation in File Replace in github.com/forceu/gokapi
  from 0
• MEDIUM4.1Gokapi vulnerable to Privilege Escalation in File Replace in github.com/forceu/gokapi
  from 0, < 2.2.4
• —Gokapi vulnerable to stored XSS via uploading file with malicious file name in github.com/forceu/gokapi
  >= 1.0.1, <= 1.9.6
• —Gokapi vulnerable to stored XSS via uploading file with malicious file name in github.com/forceu/gokapi
  from 0