
4 matches found

RedhatCVE
added 2025/05/22 1:29 a.m., 7 views

CVE-2017-17536

Phabricator before 2017-11-10 does not block the --config and --debugger flags to the Mercurial hg program, which allows remote attackers to execute arbitrary code by using the web UI to browse a branch whose name begins with a --config= or --debugger= substring...

8.8 CVSS | 7.9 AI score | 0.00787 EPSS
Exploits: 0 | References: 1
Prion
added 2018/01/10 9:29 a.m., 16 views

Sql injection

Redmine before 3.2.9, 3.3.x before 3.3.6, and 3.4.x before 3.4.4 does not block the --config and --debugger flags to the Mercurial hg program, which allows remote attackers to execute arbitrary commands through the Mercurial adapter via vectors involving a branch whose name begins with a --config...

6.8 CVSS | 8.9 AI score | 0.00787 EPSS
Exploits: 0 | References: 6 | Affected Software: 2
UbuntuCve
added 2017/12/11 7:29 a.m., 19 views

CVE-2017-17536

Phabricator before 2017-11-10 does not block the --config and --debugger flags to the Mercurial hg program, which allows remote attackers to execute arbitrary code by using the web UI to browse a branch whose name begins with a --config= or --debugger= substring...

8.8 CVSS | 7.3 AI score | 0.00787 EPSS
Exploits: 0 | References: 3
CVE
added 2017/12/11 7:0 a.m., 52 views

CVE-2017-17536

CVE-2017-17536 affects Phabricator before 2017-11-10 where the web UI can trigger execution of arbitrary code in the Mercurial (hg) client by a branch name starting with a --config= or --debugger= substring. The underlying issue is that --config and --debugger flags are not blocked, enabling remo...

8.8 CVSS | 8.9 AI score | 0.00787 EPSS
Exploits: 0 | References: 2 | Affected Software: 1