---
gem: padrino-contrib
cve: 2019-16145
ghsa: rwpr-83g3-96g7
url: https://github.com/padrino/padrino-contrib/pull/35
date: 2019-09-23
title: padrino-contrib XSS via caption parameter of breadcrumbs helper
description: |
  The breadcrumbs contributed module through 0.2.0 for Padrino Framework
  allows XSS via a caption.
cvss_v3: 6.1