Gogs

Silentium chains two Flowise CVEs — an unauthenticated password reset token leak and authenticated RCE — with a Gogs symlink exploit to achieve root. A masterclass in chaining modern app vulnerabilities.