cgit < 1.2.1 - Directory Traversal

cGit 1.2.1 via cgitcloneobjects has a directory traversal vulnerability when enable-http-clone=1 is not turned off, as demonstrated by a cgit/cgit.cgi/git/objects/?path=../ request. id: CVE-2018-14912 info: name: cgit 1.2.1 - Directory Traversal author: 0xAkoko severity: high description: cGit...