Gemirro Cross-Site Scripting Vulnerability
Gemirro is a RubyGems image creation program based on Ruby. A cross-site scripting vulnerability exists in versions of Gemirro prior to 0.16.0. A remote attacker can inject arbitrary web scripts using a specially crafted javascript: URL in the homepage value of a .gemspec file...