Lucene search
K

6 matches found

Snyk
Snyk
added 2023/12/19 10:21 p.m.2 views

Cross-site Scripting (XSS)

Overview resque-scheduler is a light-weight job scheduling system built on top of Resque Affected versions of this package are vulnerable to Cross-site Scripting XSS via the schedulejob or args parameters in the /resque/delayed/jobs/schedulejob?args=argsid URL. An attacker can inject malicious...

6.1CVSS5.3AI score0.0064EPSS
Exploits1References2
RubySec
RubySec
added 2023/12/18 12:0 a.m.20 views

Resque Scheduler Reflected XSS In Delayed Jobs View

Impact Resque Scheduler version 1.27.4 and above are affected by a cross-site scripting vulnerability. A remote attacker can inject javascript code to the "schedulejob" or "args" parameter in /resque/delayed/jobs/schedulejob?args=argsid to execute javascript at client side. Patches Fixed in v4.10...

6.1CVSS7.1AI score0.0064EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/12/13 3:30 p.m.4 views

GHSA-Q7JC-V6F2-Q9JR Duplicate Advisory: Resque Scheduler Reflected XSS In Delayed Jobs View

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9hmq-fm33-x4xx. This link is maintained to preserve external references. Original Description Resque Scheduler version 1.27.4 is vulnerable to Cross-site scripting XSS. A remote attacker could inject javascript...

6.1CVSS6.3AI score0.0064EPSS
Exploits1References3
OSV
OSV
added 2022/12/13 3:15 p.m.4 views

CVE-2022-44303

Resque Scheduler version 1.27.4 is vulnerable to Cross-site scripting XSS. A remote attacker could inject javascript code to the "schedulejob" or "args" parameter in /resque/delayed/jobs/schedulejob?args=argsid to execute javascript at client side...

6.1CVSS5.9AI score0.0064EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2022/12/13 12:0 a.m.3 views

PT-2022-27174 · Unknown · Resque Scheduler

Name of the Vulnerable Software and Affected Versions: Resque Scheduler version 1.27.4 Description: A remote attacker could inject javascript code to the schedule job or args parameters in "/resque/delayed/jobs/schedule job?args=args id" to execute javascript at the client side, resulting in a...

6.1CVSS6AI score0.0064EPSS
Exploits1References10
CNNVD
CNNVD
added 2022/12/13 12:0 a.m.4 views

Resque Scheduler 跨站脚本漏洞

Resque Scheduler is Resque open source a lightweight job scheduling system built on Resque . Resque Scheduler version 1.27.4 security vulnerability , the vulnerability stems from the vulnerability to cross-site scripting XSS attacks , a remote attacker can inject javascript code into...

6.1CVSS6.2AI score0.0064EPSS
Exploits1References3
Rows per page
Query Builder