ViewGit 0.0.6 - Multiple Cross-Site Scripting Vulnerabilities

Vulnerability Report Author: Matthew R. Bucci Date: 18 March, 2013 CVE-2013-2294 Description of Vulnerability: ----------------------------- ViewGit "is a git web repository viewer that aims to be easy to set up and upgrade, light on dependencies, and comfortable to use."...

CVE-2012-5314

CVE-2012-5314 concerns ViewGit 0.0.6 and earlier. The vulnerability is a cross-site scripting (XSS) allowing remote attackers to inject arbitrary web script or HTML via the f parameter. The available documents reaffirm the affected version range and the XSS impact but do not provide exploitation ...