## https://sploitus.com/exploit?id=F197A883-101B-5C7C-AA56-BCA681BC33E0
# gin-vulnerable
Demo consumer pinned to `github.com/gin-gonic/gin v1.7.0` (vulnerable to
CVE-2023-29401). The `/download/:filename` handler passes user input
directly to `Context.FileAttachment` โ the exploit-condition pattern
Endor flags as exploitable.