4 matches found
Astra Linux - уязвимость в yard
YARD is a Ruby documentation tool. The “frames.html” file within the generated documentation by YARD is vulnerable to Cross-Site Scripting XSS attacks due to inadequate sanitization of user input within the JavaScript segment of the “frames.erb” template file. This vulnerability has been fixed in...
SUSE CVE-2024-27285
YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting XSS attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in...
DEBIAN-CVE-2024-27285
YARD is a Ruby Documentation tool. The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting XSS attacks due to inadequate sanitization of user input within the JavaScript segment of the "frames.erb" template file. This vulnerability is fixed in...
PT-2024-21793 · Yard +4 · Yard +4
Name of the Vulnerable Software and Affected Versions: YARD versions prior to 0.9.36 Description: The "frames.html" file within the Yard Doc's generated documentation is vulnerable to Cross-Site Scripting XSS attacks due to inadequate sanitization of user input within the JavaScript segment of th...