Lars Hjemli » Cgit : Security Vulnerabilities, CVEs, Published In 2011 (XSS)
Cross-site scripting (XSS) vulnerability in the print_fileinfo function in ui-diff.c in cgit 0.9.0.2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the filename associated with the rename hint.
Max CVSS
3.5
EPSS Score
0.12%
Published
2011-08-03
Updated
2017-08-29
1 vulnerabilities found