Vulnerabilities

CVE-2013-0256

by Fred · 28/02/2013

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.

Date published : 2013-02-28

http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256/

https://github.com/rdoc/rdoc/commit/ffa87887ee0517793df7541629a470e331f9fe60

Similar

Tags: Cybersecurity Alert