Gitblit - Gitblit CVE

Filtered by vendor Gitblit Subscribe

Filtered by product Gitblit

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2022-31267	1 Gitblit	1 Gitblit	2022-06-07	7.5 HIGH	9.8 CRITICAL
Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext 'attacker@example.com\n\trole = "#admin"' value.

Vulnerabilities (CVE)