Cross-Site Scripting (XSS)

oxidized-web is vulnerable to cross-site scripting. The vulnerability exists in confsearch.haml due to manipulation of the argument toresearch which allows an attacker to inject and execute arbitrary javascript...

Oxidized Web vulnerable to Cross-site Scripting

A vulnerability was found in ytti Oxidized Web. It has been classified as problematic. Affected is an unknown function of the file lib/oxidized/web/views/confsearch.haml. The manipulation of the argument toresearch leads to cross site scripting. It is possible to launch the attack remotely. The...