๐ CVE-2016-1900 | CGit up to 0.11 ui-shared.c cgit_print_http_headers filename crlf injection (FEDORA-2016-215b507409 / BID-80033)
๐ก Newskategorie: Sicherheitslรผcken
๐ Quelle: vuldb.com
A vulnerability classified as critical was found in CGit up to 0.11. This vulnerability affects the function cgit_print_http_headers
of the file ui-shared.c. The manipulation of the argument filename with the input \n
leads to crlf injection.
This vulnerability was named CVE-2016-1900. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component. ...