Beego has patched a severe cross-site scripting (XSS) vulnerability that could lead to the compromise of a victim’s session or account.
Last month, application security researcher Omri Inbar, who is also a member of the Checkmarx team, disclosed the XSS vulnerability to Beego.
Tracked as CVE-2021-39391, the bug, which has not yet been assigned a CVSS score, was found in the administration panel of Beego v2.0.1.
Beego v2.0.2 contains a fix for the vulnerability.