Lucene search

CVE-2013-2105

🗓️ 22 Apr 2014 14:33:23Reported by redhatType

The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 6
NVD	CVE-2013-2105	22 Apr 201414:23	–	nvd
Prion	Improper access control	22 Apr 201414:23	–	prion
OSV	GHSA-9HX9-W2J6-RW76 Script Injection in Show In Browser gem	24 Oct 201718:33	–	osv
RubySec	Show In Browser Gem for Ruby /tmp/browser.html Arbitrary Script Injection	16 May 201320:00	–	rubygems
Github Security Blog	Script Injection in Show In Browser gem	24 Oct 201718:33	–	github
Cvelist	CVE-2013-2105	22 Apr 201414:00	–	cvelist

Nvd

Node

jonathan_leung show_in_browserMatch0.0.3ruby

Source	Link
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/84378
vapid	www.vapid.dhs.org/advisories/show_in_browser.html
openwall	www.openwall.com/lists/oss-security/2013/05/18/4

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

22 Apr 2014 14:23Current

6.3Medium risk

Vulners AI Score6.3

CVSS23.3

EPSS0.00056

CWE-59