CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

18 matches found

RedhatCVE•added 2025/05/23 12:5 a.m.•5 views

CVE-2022-44303

Resque Scheduler version 1.27.4 is vulnerable to Cross-site scripting XSS. A remote attacker could inject javascript code to the "schedulejob" or "args" parameter in /resque/delayed/jobs/schedulejob?args=argsid to execute javascript at client side...

6.1CVSS6.8AI score0.00152EPSS

Exploits1References1

CNNVD•added 2023/12/21 12:0 a.m.•1 views

Resque Cross-Site Scripting Vulnerability

Resque Scheduler is Resque open source a lightweight job scheduling system built on Resque . Resque version 2.1.0 before the cross-site scripting vulnerability , the vulnerability stems from easy through the queue endpoint path in the currentqueue parameter by reflective cross-site scripting XSS...

6.3CVSS6AI score0.00943EPSS

Exploits1References4

Snyk•added 2023/12/19 10:21 p.m.•2 views

Cross-site Scripting (XSS)

Overview resque-scheduler is a light-weight job scheduling system built on top of Resque Affected versions of this package are vulnerable to Cross-site Scripting XSS via the schedulejob or args parameters in the /resque/delayed/jobs/schedulejob?args=argsid URL. An attacker can inject malicious...

6.1CVSS5.3AI score0.00152EPSS

Exploits1References2

Veracode•added 2023/12/19 8:57 a.m.•16 views

Cross Site Scripting (XSS)

resque-scheduler is vulnerable to Reflected Cross Site Scripting XSS. The vulnerability is due to lack of schedulejob or args parameter sanitizion while processing a /resque/delayed/jobs/schedulejob?args=argsid request. An attacker can send a maliciously crafted url replacing schedulejob or the...

6.1CVSS5.9AI score0.00152EPSS

Exploits1References7Affected Software1

Github Security Blog•added 2023/12/18 7:30 p.m.•23 views

Resque Scheduler Reflected XSS In Delayed Jobs View

Impact Resque Scheduler version 1.27.4 and above are affected by a cross-site scripting vulnerability. A remote attacker can inject javascript code to the "schedulejob" or "args" parameter in /resque/delayed/jobs/schedulejob?args=argsid to execute javascript at client side. Patches Fixed in v4.10...

6.1CVSS6.8AI score0.00152EPSS

Exploits1References5Affected Software1

OSV•added 2023/12/18 7:30 p.m.•9 views

GHSA-9HMQ-FM33-X4XX Resque Scheduler Reflected XSS In Delayed Jobs View

6.3CVSS6.1AI score0.00152EPSS

Exploits1References5

RubySec•added 2023/12/18 12:0 a.m.•20 views

Resque Scheduler Reflected XSS In Delayed Jobs View

6.1CVSS7.1AI score0.00152EPSS

Exploits1References1Affected Software1

Github Security Blog•added 2022/12/13 3:30 p.m.•10 views

Duplicate Advisory: Resque Scheduler Reflected XSS In Delayed Jobs View

Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9hmq-fm33-x4xx. This link is maintained to preserve external references. Original Description Resque Scheduler version 1.27.4 is vulnerable to Cross-site scripting XSS. A remote attacker could inject javascript...

6.1CVSS7.1AI score0.00152EPSS

Exploits1References4Affected Software1

OSV•added 2022/12/13 3:30 p.m.•3 views

GHSA-Q7JC-V6F2-Q9JR Duplicate Advisory: Resque Scheduler Reflected XSS In Delayed Jobs View

6.1CVSS6.3AI score0.00152EPSS

Exploits1References3

NVD•added 2022/12/13 3:15 p.m.•8 views

CVE-2022-44303

6.1CVSS0.00152EPSS

Exploits1References2

OSV•added 2022/12/13 3:15 p.m.•0 views

CVE-2022-44303

6.1CVSS5.9AI score

Exploits0References2

Prion•added 2022/12/13 3:15 p.m.•12 views

Cross site scripting

5.8CVSS6.3AI score0.00152EPSS

Exploits1References2

CVE•added 2022/12/13 12:0 a.m.•63 views

CVE-2022-44303

CVE-2022-44303 affects Resque Scheduler (Resque Scheduler 1.27.4 and above). The vulnerability is a cross-site scripting (XSS) flaw exploitable via the schedule_job or args parameters in the URL path /resque/delayed/jobs/{schedule_job}?args={args_id}, allowing an attacker to inject JavaScript tha...

6.1CVSS6.3AI score0.00152EPSS

Exploits1References2Affected Software1

Positive Technologies•added 2022/12/13 12:0 a.m.•1 views

PT-2022-27174 · Unknown · Resque Scheduler

Name of the Vulnerable Software and Affected Versions: Resque Scheduler version 1.27.4 Description: A remote attacker could inject javascript code to the schedule job or args parameters in "/resque/delayed/jobs/schedule job?args=args id" to execute javascript at the client side, resulting in a...

6.1CVSS6AI score0.00152EPSS

Exploits1References10

Vulnrichment•added 2022/12/13 12:0 a.m.•5 views

CVE-2022-44303

6.5AI score0.00152EPSS

Exploits1References2

Cvelist•added 2022/12/13 12:0 a.m.•16 views

CVE-2022-44303

6.5AI score0.00152EPSS

Exploits1References2

CNNVD•added 2022/12/13 12:0 a.m.•2 views

Resque Scheduler 跨站脚本漏洞

Resque Scheduler is Resque open source a lightweight job scheduling system built on Resque . Resque Scheduler version 1.27.4 security vulnerability , the vulnerability stems from the vulnerability to cross-site scripting XSS attacks , a remote attacker can inject javascript code into...

6.1CVSS6.2AI score0.00152EPSS

Exploits1References3

Veracode•added 2019/12/27 3:57 a.m.•11 views

Cross-site Scripting (XSS)

resque-scheduler is vulnerable to cross-site scripting XSS. The attack exists because it does not sanitize the input parameter value in delayed/search page...

2.2AI score

Exploits0

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by