Computer Security
[EN] securityvulns.ru no-pyccku


redcloth crossite scripting
Published:23.03.2015
Source:
SecurityVulns ID:14347
Type:library
Threat Level:
5/10
Description:Crossite scripting in conversion to HTML.
Affected:RUBY : RedCloth 4.2
CVE:CVE-2012-6684 (Cross-site scripting (XSS) vulnerability in the RedCloth library 4.2.9 for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 3168-1] ruby-redcloth security update (23.03.2015)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod