Lucene search
RubySecRUBY:WILL_PAGINATE-2013-6459-101138HistorySep 18, 2013 - 8:00 p.m.
CVE-2013-6459 rubygem-will_paginate: XSS vulnerabilities
2013-09-1820:00:00
RubySec
rubysec.com
7
Cross-site scripting (XSS) vulnerability in the will_paginate gem before
3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via
vectors involving generated pagination links. It was found that ruby will_paginate
is vulnerable to a XSS via malformed input that cause pagination to occur on an
improper boundary. This could allow an attacker with the ability to pass data to
the will_paginate gem to display arbitrary HTML including scripting code within
the web interface.
| CPE | Name | Operator | Version |
|---|---|---|---|
| will_paginate | lt | 3.0.5 |
References
Related
fedora
fedora
[SECURITY] Fedora 19 Update: rubygem-will_paginate-3.0.4-5.fc19
2014-01-21 05:52:47
[SECURITY] Fedora 20 Update: rubygem-will_paginate-3.0.4-5.fc20
2014-01-21 05:55:12
ubuntucve
ubuntucve
CVE-2013-6459
2013-12-31 00:00:00
osv
osv
will_paginate Cross-site Scripting vulnerability
2017-10-24 18:33:36
debiancve
debiancve
CVE-2013-6459
2013-12-31 16:04:00
nessus
nessus
Fedora 19 : rubygem-will_paginate-3.0.4-5.fc19 (2014-0094)
2014-01-21 00:00:00
Fedora 20 : rubygem-will_paginate-3.0.4-5.fc20 (2014-0066)
2014-01-21 00:00:00
RHEL 7 : Satellite Server (RHSA-2018:0336)
2018-02-28 00:00:00
veracode
veracode
Cross-site Scripting (XSS) Through Generated Pagination Links
2019-01-15 09:21:53
prion
prion
Cross site scripting
2013-12-31 16:04:00
openvas
openvas
Mageia: Security Advisory (MGASA-2014-0054)
2022-01-28 00:00:00
cve
cve
CVE-2013-6459
2013-12-31 16:04:00
seebug
seebug
Ruby will_paginate Gem跨站脚本漏洞
2014-01-06 00:00:00
github
github
will_paginate Cross-site Scripting vulnerability
2017-10-24 18:33:36
mageia
mageia
Updated ruby-will_paginate package fixes CVE-2013-6459
2014-02-12 02:37:02
redhat
redhat
rosalinux
rosalinux
Advisory ROSA-SA-2021-1966
2021-07-02 18:06:34
Related for RUBY:WILL_PAGINATE-2013-6459-101138