x/vulndb: potential Go vuln in github.com/0xJacky/Nginx-UI: GHSA-pxmr-q2x3-9x9m

[GoVulnBot]

In GitHub Security Advisory GHSA-pxmr-q2x3-9x9m, there is a vulnerability in the following Go packages or modules:

Unit	Fixed	Vulnerable Ranges
github.com/0xJacky/Nginx-UI	2.0.0.beta.9	< 2.0.0.beta.9

Cross references:
No existing reports found with this module or alias.

See doc/triage.md for instructions on how to triage this report.

modules:
    - module: github.com/0xJacky/Nginx-UI
      versions:
        - fixed: 2.0.0.beta.9
      packages:
        - package: github.com/0xJacky/Nginx-UI
summary: |-
    Authenticated (user role) remote command execution by modifying `nginx` settings
    (GHSL-2023-269)
cves:
    - CVE-2024-22197
ghsas:
    - GHSA-pxmr-q2x3-9x9m
references:
    - advisory: https://github.com/0xJacky/nginx-ui/security/advisories/GHSA-pxmr-q2x3-9x9m
    - fix: https://github.com/0xJacky/nginx-ui/commit/827e76c46e63c52114a62a899f61313039c754e3
    - web: https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/system/router.go#L13
    - web: https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/api/system/settings.go#L18
    - web: https://github.com/0xJacky/nginx-ui/blob/04bf8ec487f06ab17a9fb7f34a28766e5f53885e/router/middleware.go#L45
    - advisory: https://github.com/advisories/GHSA-pxmr-q2x3-9x9m

[gopherbot]

Change https://go.dev/cl/556156 mentions this issue: data/reports: add GO-2024-2464.yaml