3 matches found
CVE-2021-30483
isomorphic-git before 1.8.2 allows Directory Traversal via a crafted repository...
git: Recursive submodule cloning allows using git directory twice with synonymous directory name written in .git/
An improper input validation flaw was discovered in git in the way it handles git submodules. A remote attacker could abuse this flaw to trick a victim user into recursively cloning a malicious repository, which, under certain circumstances, could fool git into using the same git directory twice...
CVE-2016-1236
Multiple cross-site scripting XSS vulnerabilities in 1 revision.php, 2 log.php, 3 listing.php, and 4 comp.php in WebSVN allow context-dependent attackers to inject arbitrary web script or HTML via the name of a a file or b directory in a repository...