gitblit icon indicating copy to clipboard operation
gitblit copied to clipboard
verified publisher icon gitblit-org

directory traversal in gitblit v1.9.2

Open xxcdd opened this issue 3 years ago • 0 comments

When i request GET /resources//../WEB-INF/web.xml using burp suite, i get the raw content of web.xml GET /resources//../ can get all files in Directory: /resources/

This can cause security issue, hope to fix it.

xxcdd avatar Feb 17 '22 11:02 xxcdd