CVE-2018-5955

CVE: CVE-2018-5955
Published: 2018-01-21T22:29Z
Vendor: smartmobilesoftware
Products: gitstack
Versions: 2.3.10,
Description Language: en
Description: An issue was discovered in GitStack through 2.3.10. User controlled input is not sufficiently filtered, allowing an unauthenticated attacker to add a user to the server via the username and password fields to the rest/user/ URI.
References:

SSD Advisory – GitStack Unauthenticated Remote Code Execution