CVE-2013-2615: Remote code execution

March 20, 2013 (updated March 21, 2013)

If the url contains any ; characters code will be executed as the user. For example if fastreader is fed http://www.g;id;.com id will be executed.

References

vapid.dhs.org/advisories/fastreader-1.0.8-remote-exec.html
www.osvdb.org/show/osvdb/91232

Detect and mitigate CVE-2013-2615 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →