1 matches found
CVE-2013-2117
Directory traversal in cgit_parse_readme (ui-summary.c) of cgit before 0.9.2 allows remote attackers to read arbitrary files via a .. in the url parameter. Affected: cgit up to version