Skip to main content

Phabricator

1 CVEs product

Monthly

CVE-2017-17536 HIGH PATCH This Week

Phabricator before 2017-11-10 does not block the --config and --debugger flags to the Mercurial hg program, which allows remote attackers to execute arbitrary code by using the web UI to browse a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Phabricator
NVD
CVSS 3.0
8.8
EPSS
0.8%
EPSS 1% CVSS 8.8
HIGH PATCH This Week

Phabricator before 2017-11-10 does not block the --config and --debugger flags to the Mercurial hg program, which allows remote attackers to execute arbitrary code by using the web UI to browse a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

RCE Phabricator
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy