Sha256: f6e1d26b0ed7f60ff696026690cac5aad863c885abd8134661726ac4f9a41371

Contents?: true

Size: 482 Bytes

Versions: 5

Compression:

Stored size: 482 Bytes

Contents

---
gem: show_in_browser
cve: 2013-2105
osvdb: 93490
url: http://osvdb.org/show/osvdb/93490
title: Show In Browser Gem for Ruby /tmp/browser.html Arbitrary Script Injection
date: 2013-05-17
description: Show In Browser Gem for Ruby contains a flaw that is triggered when the application does not validate input passed via the /tmp/browser.html file. This may allow a local attacker to create a specially crafted request that would execute arbitrary script code in a user's browser.

Version data entries

5 entries across 5 versions & 2 rubygems

Version Path
bundler-budit-0.6.2 data/ruby-advisory-db/gems/show_in_browser/OSVDB-93490.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/show_in_browser/OSVDB-93490.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/show_in_browser/OSVDB-93490.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/show_in_browser/OSVDB-93490.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/show_in_browser/OSVDB-93490.yml