Lucene search
GitHub Advisory DatabaseGHSA-MQ35-WQVF-R23CHistoryJun 05, 2018 - 9:32 p.m.
Sinatra Cross-site Scripting vulnerability
2018-06-0521:32:06
CWE-79
GitHub Advisory Database
github.com
14
0.001 Low
EPSS
Percentile
44.3%
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.
References
access.redhat.com/errata/RHSA-2019:0212
access.redhat.com/errata/RHSA-2019:0315
github.com/advisories/GHSA-mq35-wqvf-r23c
github.com/rubysec/ruby-advisory-db/blob/master/gems/sinatra/CVE-2018-11627.yml
github.com/sinatra/sinatra/commit/12786867d6faaceaec62c7c2cb5b0e2dc074d71a
github.com/sinatra/sinatra/issues/1428
nvd.nist.gov/vuln/detail/CVE-2018-11627
Related
nessus
nessus
RHEL 7 : CloudForms 4.6.8 (RHSA-2019:0315)
2024-04-27 00:00:00
Fedora 27 : 1:rubygem-sinatra (2018-0b17e1e529)
2018-06-25 00:00:00
osv
osv
CVE-2018-11627
2018-05-31 19:29:00
Sinatra Cross-site Scripting vulnerability
2018-06-05 21:32:06
debiancve
debiancve
CVE-2018-11627
2018-05-31 19:29:00
redhatcve
redhatcve
CVE-2018-11627
2018-06-01 14:49:42
fedora
fedora
[SECURITY] Fedora 28 Update: rubygem-sinatra-2.0.0-4.fc28
2018-06-23 20:49:00
[SECURITY] Fedora 27 Update: rubygem-sinatra-2.0.0-3.fc27
2018-06-23 19:57:17
cve
cve
CVE-2018-11627
2018-05-31 19:29:00
openvas
openvas
Fedora Update for rubygem-sinatra FEDORA-2018-3f61c5cf7c
2018-06-24 00:00:00
Fedora Update for rubygem-sinatra FEDORA-2018-0b17e1e529
2018-06-24 00:00:00
cvelist
cvelist
CVE-2018-11627
2018-05-31 19:00:00
redhat
redhat
prion
prion
Cross site request forgery (csrf)
2018-05-31 19:29:00
veracode
veracode
Cross-site Scripting (XSS)
2018-05-31 03:16:08
freebsd
freebsd
sinatra -- XSS vulnerability
2018-06-09 00:00:00
ubuntucve
ubuntucve
CVE-2018-11627
2018-05-31 00:00:00