2 matches found
Pivotx Arbitrary Code Execution Vulnerability
Pivotx is an open source blog content management system (Blog CMS). The system supports built-in comment review, spam protection and template replacement. A security vulnerability exists in Pivotx versions prior to 2.3.11, which stems from the program failing to validate a new file extension when...
DEBIAN-CVE-2011-0446
Multiple cross-site scripting (XSS) vulnerabilities in the mailto helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when JavaScript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) name or (2) email value...