CVE-2014-0468
9.8
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Summary
Vulnerability in fusionforge in the shipped Apache configuration, where the web server may execute scripts that the users would have uploaded in their raw SCM repositories (SVN, Git, Bzr…). This issue affects fusionforge: before 5.3+20140506.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| fusionforge | fusionforge | 0 < 5.3+20140506 | affected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: yes
- Technical Impact: total
References
- http://lists.fusionforge.org/pipermail/fusionforge-general/2014-March/002645.html
- https://web.archive.org/web/20151019035734/http://lists.fusionforge.org/pipermail/fusionforge-general/2014-March/002645.html
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.