Directory Traversal And Remote Code Execution (RCE)

git-spindle is vulnerable to directory traversal or remote code execution attacks. The vulnerability exists because it does not perform any sanitization on repourl and reponame from GitHub API, allowing malicious operators of the GitHub server to trigger directory traversal or remote code executi...