CVE-2019-11218

Improper handling of extra parameters in the AccountController (User Profile edit) in Jakub Chodounsky Bonobo Git Server before 6.5.0 allows authenticated users to gain application administrator privileges via additional form parameter submissions.
References
Link Resource
https://bonobogitserver.com/changelog/#version-650 Release Notes Third Party Advisory
https://flab.cesnet.cz/advisories/cve-2019-11218 Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:bonobogitserver:bonobo_git_server:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2019-04-24 20:29

Updated : 2023-12-10 12:59


NVD link : CVE-2019-11218

Mitre link : CVE-2019-11218

CVE.ORG link : CVE-2019-11218


JSON object : View

Products Affected

bonobogitserver

  • bonobo_git_server
CWE
CWE-20

Improper Input Validation