x/vulndb: potential Go vuln in github.com/sjqzhang/go-fastdfs: GHSA-xq3x-grrj-fj6x

[GoVulnBot]

In GitHub Security Advisory GHSA-xq3x-grrj-fj6x, there is a vulnerability in the following Go packages or modules:

Unit	Fixed	Vulnerable Ranges
github.com/sjqzhang/go-fastdfs		<= 1.4.3

Cross references:
No existing reports found with this module or alias.

See doc/triage.md for instructions on how to triage this report.

modules:
  - module: github.com/sjqzhang/go-fastdfs
    versions:
      - {}
    packages:
      - package: github.com/sjqzhang/go-fastdfs
summary: sjqzhang go-fastdfs vulnerable to path traversal
description: sjqzhang go-fastdfs up to 1.4.3 is vulnerable to path traversal in the
    function upload of the file `/group1/upload` of the component `File Upload Handler`.
    The attack may be launched remotely and the exploit has been disclosed to the
    public and may be used.
cves:
  - CVE-2023-1800
ghsas:
  - GHSA-xq3x-grrj-fj6x
references:
  - web: https://nvd.nist.gov/vuln/detail/CVE-2023-1800
  - web: https://github.com/yangyanglo/ForCVE/blob/main/2023-0x05.md
  - web: https://vuldb.com/?ctiid.224768
  - web: https://vuldb.com/?id.224768
  - advisory: https://github.com/advisories/GHSA-xq3x-grrj-fj6x

[gopherbot]

Change https://go.dev/cl/483978 mentions this issue: data/reports: add GO-2023-1713.yaml