{ "schema_version": "1.4.0", "id": "GHSA-wc45-7552-hh9r", "modified": "2022-05-17T01:54:30Z", "published": "2022-05-17T01:54:30Z", "aliases": [ "CVE-2011-2711" ], "details": "Cross-site scripting (XSS) vulnerability in the print_fileinfo function in ui-diff.c in cgit 0.9.0.2 and earlier allows remote authenticated users to inject arbitrary web script or HTML via the filename associated with the rename hint.", "severity": [], "affected": [], "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2011-2711" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=725042" }, { "type": "WEB", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/68754" }, { "type": "WEB", "url": "https://hermes.opensuse.org/messages/10998459" }, { "type": "WEB", "url": "http://hjemli.net/git/cgit/commit/?h=stable&id=bebe89d7c11a92bf206bf6e528c51ffa8ecbc0d5" }, { "type": "WEB", "url": "http://hjemli.net/pipermail/cgit/2011-July/000276.html" }, { "type": "WEB", "url": "http://secunia.com/advisories/45358" }, { "type": "WEB", "url": "http://secunia.com/advisories/45541" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2011/07/22/2" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2011/07/22/6" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2011/07/22/7" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2011/07/24/3" }, { "type": "WEB", "url": "http://www.openwall.com/lists/oss-security/2011/07/24/4" }, { "type": "WEB", "url": "http://www.osvdb.org/74050" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/48866" } ], "database_specific": { "cwe_ids": [ "CWE-79" ], "severity": "LOW", "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2011-08-03T00:55:00Z" } }