CVE-2010-3906
CVE-2010-3906 is an XSS in gitweb (Git web interface) for Git versions up to 1.7.3.3 and earlier, exploitable via the f and fp parameters to craft arbitrary script/HTML. Multiple advisories report remote injection through gitweb, with openSUSE openSUSE-SU-2011:0115-1 and Debian backports patches ...