CVE-2014-5023 Information

Description

Repository.php in Gitter as used in Gitlist allows remote attackers with commit privileges to execute arbitrary commands via shell metacharacters in a branch name as demonstrated by a \git checkout -b\ command.

Reference

http://hatriot.github.io/blog/2014/06/29/gitlist-rce/