Common Vulnerabilities and Exposures

[Previous] [Index] [Next]

Upstream information

CVE-2012-4548 at MITRE


Argument injection vulnerability in in cgit 9.0.3 and earlier allows remote authenticated users with permissions to add files to execute arbitrary commands via the --plug-in argument to the highlight command.

NVD CVSS v2 Base Score: 6.0 (AV:N/AC:M/Au:S/C:P/I:P/A:P)

SUSE information

SUSE Bugzilla entry: 787074 [RESOLVED / FIXED]

SUSE Security Advisories: