4 matches found
FreeBSD : rubygem-geminabox -- XSS vulnerabilities (27b38d85-c891-11e7-a7bd-cd1209e563f2)
NVD reports : Stored cross-site scripting XSS vulnerability in 'geminabox' Gem in a Box before 0.13.10 allows attackers to inject arbitrary web script via the 'homepage' value of a '.gemspec' file, related to views/gem.erb and views/index.erb. %NASLMINLEVEL 70300 C Tenable Network Security, Inc...
CVE-2017-16792
Stored cross-site scripting XSS vulnerability in "geminabox" Gem in a Box before 0.13.10 allows attackers to inject arbitrary web script via the "homepage" value of a ".gemspec" file, related to views/gem.erb and views/index.erb...
CVE-2017-16792
Gem in a Box (geminabox) prior to version 0.13.10 is affected by a stored XSS vulnerability. An attacker can inject arbitrary script via the homepage field in a .gemspec, related to the views/gem.erb and views/index.erb templates. The CVE-2017-16792 entry is corroborated by multiple sources (incl...
CVE-2017-16792
Stored cross-site scripting XSS vulnerability in "geminabox" Gem in a Box before 0.13.10 allows attackers to inject arbitrary web script via the "homepage" value of a ".gemspec" file, related to views/gem.erb and views/index.erb...