Nemcio/Gogs
1
0
Fork 0
mirror of https://github.com/gogs/gogs.git synced 2026-02-01 12:09:26 +01:00
Code Issues Packages Projects Releases Wiki Activity

security: fix cross-repository label modification vulnerability (#8123)

Browse Source 
https://github.com/gogs/gogs/security/advisories/GHSA-cv22-72px-f4gh

Co-authored-by: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
ᴊᴏᴇ ᴄʜᴇɴ
2026-01-31 12:28:30 -05:00
committed by GitHub
parent 68271e6af0
commit bb68c0a042
1 changed files with 2 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
internal/route/repo/issue.go
View File

@@ -1056,9 +1056,9 @@ func NewLabel(c *context.Context, f form.CreateLabel) {
}
func UpdateLabel(c *context.Context, f form.CreateLabel) {
l, err := database.GetLabelByID(f.ID)
l, err := database.GetLabelOfRepoByID(c.Repo.Repository.ID, f.ID)
if err != nil {
c.NotFoundOrError(err, "get label by ID")
c.NotFoundOrError(err, "get label of repository by ID")
return
}