An incorrect comparison vulnerability was identified in GitHub Enterprise Server that allowed commit smuggling by displaying an incorrect diff in a re-opened Pull Request. To exploit this vulnerability, an attacker would need write access to the repository. This vulnerability was reported via the GitHub Bug Bounty Program bounty.github.com/ .
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
github enterprise server 3.9.0 |
||
github enterprise server |