Sha256: e87292febbb341b7b57ceef138687c85f8c484b9dfa4e17abbc6548376efbea0
Contents?: true
Size: 633 Bytes
Versions: 1
Compression:
Stored size: 633 Bytes
Contents
--- gem: RedCloth cve: 2012-6684 osvdb: 115941 url: http://www.osvdb.org/show/osvdb/115941 title: RedCloth Gem for Ruby Textile Link Parsing XSS date: 2012-02-29 description: | RedCloth Gem for Ruby contains a flaw that allows a cross-site scripting (XSS) attack. This flaw exists because the program does not validate input when parsing textile links before returning it to users. This may allow a remote attacker to create a specially crafted request that would execute arbitrary script code in a user's browser session within the trust relationship between their browser and the server. cvss_v2: 4.3 patched_versions:
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.5.0 | data/ruby-advisory-db/gems/RedCloth/OSVDB-115941.yml |