Arbitrary Code Execution via Crafted git ext:: URL in Mercurial

Arbitrary Code Execution via Crafted git ext:: URL in Mercurial

CVE-2016-3068 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a crafted git ext:: URL when cloning a subrepository.

Learn more about our Web Application Penetration Testing UK.