CVE-2012-6684

Опубликовано: 08 янв. 2015

Источник: debian

EPSS Низкий

Описание

Cross-site scripting (XSS) vulnerability in the RedCloth library 4.2.9 for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ruby-redcloth	fixed	4.2.9-4		package
redcloth	removed			package

Примечания

http://co3k.org/blog/redcloth-unfixed-xss-en

EPSS

Процентиль: 63%

0.00441

Низкий

Связанные уязвимости

CVE-2012-6684

ubuntu

около 11 лет назад

Cross-site scripting (XSS) vulnerability in the RedCloth library 4.2.9 for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI.

CVE-2012-6684

redhat

почти 14 лет назад

Cross-site scripting (XSS) vulnerability in the RedCloth library 4.2.9 for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI.

CVE-2012-6684

nvd

около 11 лет назад

Cross-site scripting (XSS) vulnerability in the RedCloth library 4.2.9 for Ruby and earlier allows remote attackers to inject arbitrary web script or HTML via a javascript: URI.

GHSA-r23g-3qw4-gfh2

github

больше 8 лет назад

RedCloth Cross-site Scripting vulnerability

EPSS

Процентиль: 63%

0.00441

Низкий