Gitblit Reflected Cross-Site Scripting Vulnerability in Repository Path Handling

A reflected cross-site scripting vulnerability has been identified in Gitblit version 1.7.1. This issue arises from inadequate input sanitization of repository path names, allowing attackers to inject malicious payloads that execute arbitrary JavaScript when victims access the altered URL. The vulnerability can be exploited by crafting a specific path injection, such as a JavaScript image payload, which is then executed in the context of the user's browser.

Impact

Exploitation of this vulnerability allows for reflected cross-site scripting, where an attacker can execute arbitrary JavaScript in the context of the victim's browser.

Reproduction

To reproduce this vulnerability, inject a crafted path payload into the repository name of a Gitblit URL. This can be done by replacing the repository name in the URL with one that includes the XSS payload, such as an image tag with an 'onerror' event. Accessing the modified URL will trigger the execution of the injected JavaScript.