The Grit gem for Ruby, as used in GitLab 5.2 before 5.4.1 and 6.x before 6.2.3, allows remote authenticated users to execute arbitrary commands, as demonstrated by the search box for the GitLab code search feature.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2014-05-17T20:00:00

Updated: 2024-08-06T16:45:14.836Z

Reserved: 2013-06-12T00:00:00

Link: CVE-2013-4489

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2014-05-17T20:55:02.087

Modified: 2024-11-21T01:55:40.310

Link: CVE-2013-4489

cve-icon Redhat

No data.