CVE-2023-50724

Resque pronounced like "rescue" is a Redis-backed library for creating background jobs, placing those jobs on multiple queues, and processing them later. resque-web in resque versions before 2.1.0 are vulnerable to reflected XSS through the currentqueue parameter in the path of the queues endpoin...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the currentqueue parameter in the path of the queues endpoint. An attacker can manipulate the output displayed to the user by injecting malicious scripts into the web page. Details Cross-site scripting or XS...

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via the currentqueue portion of the path on the /queues endpoint. An attacker can manipulate the output of the web page by injecting malicious scripts into the URL path. Details Cross-site scripting or XSS is a...

PT-2023-31623 · Resque · Resque

Name of the Vulnerable Software and Affected Versions: Resque versions prior to 2.1.0 Description: The issue is related to reflected Cross Site Scripting XSS through the current queue parameter in the path of the queues endpoint. This allows for potential exploitation by manipulating the endpoint...

PT-2023-31625 · Resque · Resque

Name of the Vulnerable Software and Affected Versions: Resque versions prior to 2.6.0 Description: A reflected XSS issue occurs when the /queues endpoint is appended with malicious input, such as ". This allows for cross-site scripting attacks. The estimated number of potentially affected devices...