Back to search
CVE-2011-2711
Published: Aug 3, 2011
Modified: Aug 6, 2024
PUBLISHED
Description
Cross-site scripting (XSS) vulnerability in the print_fileinfo function in ui-diff.c in cgit 0.9.0.2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the filename associated with the rename hint.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
[oss-security] 20110724 Re: Re: CVE Request -- cGit -- XSS flaw in rename hint
mailing-list
x_refsource_MLIST
https://bugzilla.redhat.com/show_bug.cgi?id=725042
x_refsource_CONFIRM
48866
vdb-entry
x_refsource_BID
[oss-security] 20110724 Re: Re: CVE Request -- cGit -- XSS flaw in rename hint
mailing-list
x_refsource_MLIST
[oss-security] 20110722 Re: CVE Request -- cGit -- XSS flaw in rename hint
mailing-list
x_refsource_MLIST
openSUSE-SU-2011:0891
vendor-advisory
x_refsource_SUSE
74050
vdb-entry
x_refsource_OSVDB
[oss-security] 20110722 CVE Request -- cGit -- XSS flaw in rename hint
mailing-list
x_refsource_MLIST
45358
third-party-advisory
x_refsource_SECUNIA
[oss-security] 20110722 Re: CVE Request -- cGit -- XSS flaw in rename hint
mailing-list
x_refsource_MLIST
45541
third-party-advisory
x_refsource_SECUNIA
cgit-renamehint-xss(68754)
vdb-entry
x_refsource_XF
[cgit] 20110722 [PATCH] Fix potential XSS vulnerability in rename hint
mailing-list
x_refsource_MLIST
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now