CVE-2022-31267
CVSS v3.1
9.8 (Critical)
CVSS v2.0
7.5 (High)
EPSS
0.21 % (59th)
Affected Products
1
Advisories
1
Gitblit 1.9.2 allows privilege escalation via the Config User Service: a control character can be placed in a profile data field, such as an emailAddress%3Atext 'attacker@example.com\n\trole = "#admin"' value.
Weaknesses
- CWE-269
- Improper Privilege Management
- CVE Status
- PUBLISHED
- CNA
- MITRE
- Published Date
-
2022-05-21 21:15:52
(2 years ago) - Updated Date
-
2022-06-07 14:23:16
(2 years ago)
Affected Products
Loading...
Loading...
Loading...
Configuration #1
|
Loading...
Loading...
Loading...
Loading...
Loading...
Loading...