Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-50727

Опубликовано: 22 дек. 2023
Источник: nvd
CVSS3: 6.3
CVSS3: 6.1
EPSS Низкий

Описание

Resque is a Redis-backed Ruby library for creating background jobs, placing them on multiple queues, and processing them later. Reflected XSS issue occurs when /queues is appended with /"><svg%20onload=alert(domain)>. This issue has been patched in version 2.6.0.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:resque:resque:*:*:*:*:*:ruby:*:*
Версия до 2.6.0 (исключая)

EPSS

Процентиль: 71%
0.00657
Низкий

6.3 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79

Связанные уязвимости

redhat логотип

CVE-2023-50727

CVSS3: 6.3
redhat
около 2 лет назад

Resque is a Redis-backed Ruby library for creating background jobs, placing them on multiple queues, and processing them later. Reflected XSS issue occurs when /queues is appended with /"><svg%20onload=alert(domain)>. This issue has been patched in version 2.6.0.

github логотип

GHSA-r9mq-m72x-257g

CVSS3: 6.3
github
около 2 лет назад

Resque vulnerable to reflected XSS in Queue Endpoint

EPSS

Процентиль: 71%
0.00657
Низкий

6.3 Medium

CVSS3

6.1 Medium

CVSS3

Дефекты

CWE-79