CVE-2012-4548
Summary
Argument injection vulnerability in syntax-highlighting.sh in cgit 9.0.3 and earlier allows remote authenticated users with permissions to add files to execute arbitrary commands via the --plug-in argument to the highlight command.
- MEDIUM
- NETWORK
- SINGLE
- PARTIAL
- PARTIAL
- PARTIAL
References
Advisory Timeline
- Published