The default Formatter for the Logger middleware (LoggerConfig.Formatter), which is included in the Default engine, allows attackers to inject arbitrary log entries by manipulating the request path.
{ "imports": [ { "path": "github.com/gin-gonic/gin", "symbols": [ "Default", "Logger", "LoggerWithConfig", "LoggerWithFormatter", "LoggerWithWriter" ] } ] }