Lucene search

Gem in a Box vulnerable to Cross-site Request Forgery

🗓️ 13 May 2022 01:05:31Reported by GitHub Advisory DatabaseType

Gem in a Box CSRF vulnerabilit

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 10
OSV	Gem in a Box vulnerable to Cross-site Request Forgery	13 May 202201:31	–	osv
OSV	CVE-2017-14683	25 Sep 201708:29	–	osv
Prion	Cross site request forgery (csrf)	25 Sep 201708:29	–	prion
Veracode	Cross-Site Request Forgery(CSRF)	29 Sep 201701:32	–	veracode
Cvelist	CVE-2017-14683	25 Sep 201708:00	–	cvelist
NVD	CVE-2017-14683	25 Sep 201708:29	–	nvd
CVE	CVE-2017-14683	25 Sep 201708:29	–	cve
RubySec	Gem in a Box vulnerable to Cross-site Request Forgery	12 May 202221:00	–	rubygems
Tenable Nessus	FreeBSD : rubygem-geminabox -- XSS & CSRF vulnerabilities (2bffdf2f-9d45-11e7-a25c-471bafc3262f)	20 Sep 201700:00	–	nessus
FreeBSD	rubygem-geminabox -- XSS & CSRF vulnerabilities	18 Sep 201700:00	–	freebsd

Vulners

Node

geminabox_project geminaboxRange<0.13.7

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2017-14683
github	www.github.com/geminabox/geminabox/blob/master/CHANGELOG.md
baraktawily	www.baraktawily.blogspot.co.il/2017/09/gem-in-box-xss-vulenrability-cve-2017.html
github	www.github.com/geminabox/geminabox/commit/a01c4e8b3403624109499dec75eb6ee30bd01a55
github	www.github.com/rubysec/ruby-advisory-db/blob/master/gems/geminabox/CVE-2017-14683.yml
github	www.github.com/advisories/GHSA-qwv2-2x8g-g43g

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

13 May 2022 01:31Current

3.1Low risk

Vulners AI Score3.1

CVSS26.8

CVSS38.8

EPSS0.00121

CWE-352