« List of all CVEs

CVE-2013-0256

Published: 3/1/2013 Last updated: 8/6/2024 Reserved: 12/6/2012

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.

CNA assigner: redhat (53f830b8-0a3f-465b-8143-3b8a9948e749) Requested by: n/a

Opam packages affected (1)

conf-ruby

Products affected (1)

Product Vendor Version
n/a n/a <= 5.10.*

References (24)