Lucene search
GoogleOSV:GHSA-MQ35-WQVF-R23CHistoryJun 05, 2018 - 9:32 p.m.
Sinatra Cross-site Scripting vulnerability
2018-06-0521:32:06
Google
osv.dev
11
0.001 Low
EPSS
Percentile
44.7%
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.
References
access.redhat.com/errata/RHSA-2019:0212
access.redhat.com/errata/RHSA-2019:0315
github.com/rubysec/ruby-advisory-db/blob/master/gems/sinatra/CVE-2018-11627.yml
github.com/sinatra/sinatra
github.com/sinatra/sinatra/commit/12786867d6faaceaec62c7c2cb5b0e2dc074d71a
github.com/sinatra/sinatra/issues/1428
nvd.nist.gov/vuln/detail/CVE-2018-11627
Related
debiancve
debiancve
CVE-2018-11627
2018-05-31 19:29:00
osv
osv
CVE-2018-11627
2018-05-31 19:29:00
nessus
nessus
RHEL 7 : CloudForms 4.6.8 (RHSA-2019:0315)
2024-04-27 00:00:00
Fedora 28 : 1:rubygem-sinatra (2018-3f61c5cf7c)
2019-01-03 00:00:00
Fedora 27 : 1:rubygem-sinatra (2018-0b17e1e529)
2018-06-25 00:00:00
openvas
openvas
Fedora Update for rubygem-sinatra FEDORA-2018-0b17e1e529
2018-06-24 00:00:00
Fedora Update for rubygem-sinatra FEDORA-2018-3f61c5cf7c
2018-06-24 00:00:00
freebsd
freebsd
sinatra -- XSS vulnerability
2018-06-09 00:00:00
ubuntucve
ubuntucve
CVE-2018-11627
2018-05-31 00:00:00
fedora
fedora
[SECURITY] Fedora 27 Update: rubygem-sinatra-2.0.0-3.fc27
2018-06-23 19:57:17
[SECURITY] Fedora 28 Update: rubygem-sinatra-2.0.0-4.fc28
2018-06-23 20:49:00
veracode
veracode
Cross-site Scripting (XSS)
2018-05-31 03:16:08
prion
prion
Cross site request forgery (csrf)
2018-05-31 19:29:00
cvelist
cvelist
CVE-2018-11627
2018-05-31 19:00:00
redhat
redhat
github
github
Sinatra Cross-site Scripting vulnerability
2018-06-05 21:32:06
cve
cve
CVE-2018-11627
2018-05-31 19:29:00
redhatcve
redhatcve
CVE-2018-11627
2018-06-01 14:49:42
nvd
nvd
CVE-2018-11627
2018-05-31 19:29:00