oss-sec mailing list archives
CVE Request: rubygem-will_paginate XSS vulnerabilities
From: Ratul Gupta <ratulg () redhat com>
Date: Fri, 27 Dec 2013 01:13:46 +0530
Hello,

https://bugzilla.redhat.com/show_bug.cgi?id=1046642

Cross-Site Scripting (XSS) vulnerabilities were found in the will_paginate gem for Ruby, where certain input related to generated pagination links was not properly sanitised before being returned. This could be exploited to execute arbitrary HTML and script code in a user's browser session in the context of an affected site.

Can a CVE please be assigned to this issue?

--
Regards,
Ratul Gupta / Red Hat Security Response Team