Sha256: 3e817f79670e11b8349f1866063f0a916f7d1e8ae4028057dcb46dcf04cb4669

Contents?: true

Size: 562 Bytes

Versions: 5

Compression:

Stored size: 562 Bytes

Contents

---
gem: features
cve: 2013-4318
osvdb: 96975
url: http://osvdb.org/show/osvdb/96975
title: Features Gem for Ruby /tmp/out.html Local XSS
date: 2013-09-01
description: Features Gem for Ruby contains a flaw that allows a local cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain input upon submission to /tmp/out.html. This may allow an attacker to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.

Version data entries

5 entries across 5 versions & 2 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/features/OSVDB-96975.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/features/OSVDB-96975.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/features/OSVDB-96975.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/features/OSVDB-96975.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/features/OSVDB-96975.yml