Sha256: e73d5e5e582488ca9bac05e6d3d5716a4fa46c502f0a2ded3e400ceb24cc4b13

Contents?: true

Size: 693 Bytes

Versions: 8

Compression:

Stored size: 693 Bytes

Contents

---
gem: will_paginate
osvdb: 101138
cve: 2013-6459
url: http://osvdb.org/show/osvdb/101138
title: will_paginate Gem for Ruby Generated Pagination Link Unspecified XSS
date: 2013-09-19
description: will_paginate Gem for Ruby contains a flaw that allows a cross-site scripting (XSS) attack.
  This flaw exists because the application does not validate certain unspecified input related to
  generated pagination links before returning it to the user. This may allow an attacker to create
  a specially crafted request that would execute arbitrary script code in a users browser within the
  trust relationship between their browser and the server.
cvss_v2: 4.3
patched_versions:
  - ">= 3.0.5"

Version data entries

8 entries across 8 versions & 3 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/will_paginate/OSVDB-101138.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/will_paginate/OSVDB-101138.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/will_paginate/OSVDB-101138.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/will_paginate/OSVDB-101138.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/will_paginate/OSVDB-101138.yml
bundler-audit-0.4.0 data/ruby-advisory-db/gems/will_paginate/OSVDB-101138.yml
bundler-audit-0.3.1 data/ruby-advisory-db/gems/will_paginate/OSVDB-101138.yml
mrjoy-bundler-audit-0.3.3 data/ruby-advisory-db/gems/will_paginate/OSVDB-101138.yml