CVE-2013-0256

darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL...

PT-2013-2191 · Ruby +2 · Rdoc +3

Name of the Vulnerable Software and Affected Versions: RDoc versions 2.3.0 through 3.12 RDoc versions 4.x before 4.0.0.preview2.1 Description: The issue allows remote attackers to conduct cross-site scripting XSS attacks via a crafted URL, due to improper document generation by darkfish.js in RDo...