CVE-2018-20236

There was an command injection vulnerability in Sourcetree for Windows from version 0.5a before version 3.0.10 via URI handling. A remote attacker could send a malicious URI to a victim using Sourcetree for Windows to exploit this issue to gain code execution on the system.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:atlassian:sourcetree:*:*:*:*:*:windows:*:*

Information

Published : 2019-03-08 10:29

Updated : 2019-10-02 17:03


NVD link : CVE-2018-20236

Mitre link : CVE-2018-20236


JSON object : View

CWE
CWE-77

Improper Neutralization of Special Elements used in a Command ('Command Injection')

Advertisement

dedicated server usa

Products Affected

atlassian

  • sourcetree