CVE-2024-32463

phlex is an open source framework for building object-oriented views in Ruby. There is a potential cross-site scripting XSS vulnerability that can be exploited via maliciously crafted user data. The filter to detect and prevent the use of the javascript: URL scheme in the href attribute of an tag...

phlex Cross-Site Scripting Vulnerability

phlex is a framework for building object-oriented views in Ruby. A cross-site scripting vulnerability exists in versions prior to phlex 1.9.1, which stems from code that is not properly case-sensitive, resulting in cross-site scripting...