CVE-2010-3906
Gitweb < 1.7.3.3 - Cross-Site Scripting via f and fp Parameters
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2010-3906. PoCs published by emgent.
AI-analyzed exploit summary This exploit demonstrates a cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier versions. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the 'f' and 'fp' parameters in the URL.
Description
Cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the (1) f and (2) fp parameters.
Exploits (1)
This exploit demonstrates a cross-site scripting (XSS) vulnerability in Gitweb 1.7.3.3 and earlier versions. The vulnerability allows remote attackers to inject arbitrary web script or HTML via the 'f' and 'fp' parameters in the URL.