CVE-2022-31268

HIGH NUCLEI

Gitblit 1.9.3 - Path Traversal

Title source: llm

Description

A Path Traversal vulnerability in Gitblit 1.9.3 can lead to reading website files via /resources//../ (e.g., followed by a WEB-INF or META-INF pathname).

Nuclei Templates (1)

Gitblit 1.9.3 - Local File Inclusion
HIGHVERIFIEDby 0x_Akoko
Shodan: http.html:"Gitblit" || http.title:"gitblit" || http.html:"gitblit"
FOFA: title="gitblit" || body="gitblit"

References (1)

Scores

CVSS v3 7.5
EPSS 0.9004
EPSS Percentile 99.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-22
Status published
Products (2)
com.gitblit/gitblit 0Maven
gitblit/gitblit 1.9.3
Published May 21, 2022
Tracked Since Feb 18, 2026