Lucene search

[email protected]NVD:CVE-2013-6459

HistoryDec 31, 2013 - 4:04 p.m.

CVE-2013-6459

2013-12-3116:04:23

CWE-79

[email protected]

web.nvd.nist.gov

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

7.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.3%

JSON

Cross-site scripting (XSS) vulnerability in the will_paginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links.

Affected configurations

NVD

Node

mislav_marohnicwill_paginateRange≤3.0.4---ruby

mislav_marohnicwill_paginateMatch3.0---ruby

mislav_marohnicwill_paginateMatch3.0.1---ruby

mislav_marohnicwill_paginateMatch3.0.2---ruby

mislav_marohnicwill_paginateMatch3.0.3---ruby

References

secunia.com/advisories/56180

www.securityfocus.com/bid/64509

access.redhat.com/errata/RHSA-2018:0336

github.com/mislav/will_paginate/releases/tag/v3.0.5

4.3 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

7.1 High

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

60.3%

JSON

Related for NVD:CVE-2013-6459

fedora2 ubuntucve1 debiancve1 osv1 cvelist1 nessus3 veracode1 cve1 prion1 openvas1 seebug1 mageia1 github1 rubygems1 redhat1 rosalinux1