Arbitrary Command Execution Vulnerability in Grit Gem for GitLab

Arbitrary Command Execution Vulnerability in Grit Gem for GitLab

CVE-2013-4489 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature.

Learn more about our User Device Pen Test.