cgit: security update
This update of cgit fixes a XSS vulnerability.
CVE-2011-2711: CVSS v2 Base Score: 3.3
(AV:N/AC:L/Au:M/C:N/I:P/A:N): Cross-Site Scripting (XSS)
(CWE-79)
- Submitted by Adrian Schröter (adrianSuSE)
- Version 4975
Fixed bugs
bnc#707929
VUL-0: cgit: XSS flaw in rename hint
CVE#CVE-2011-2711
Cross-site scripting (XSS) vulnerability in the print_fileinfo function in ui-diff.c in cgit 0.9.0.2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the filename associated with the rename hint.