4 matches found
Cross-site Scripting (XSS)
keynote is vulnerable to cross-site scripting. The vulnerability exists because the attrstos function of rumble.rb does not properly escape the quotes in attributes, allowing an attacker to inject and execute malicious JavaScript...
keynote Cross-site Scripting vulnerability
A vulnerability was found in rf Keynote up to 0.x. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lib/keynote/rumble.rb. The manipulation of the argument value leads to cross site scripting. The attack may be launched remotely. Upgrading to...
CVE-2017-20159
A vulnerability was found in rf Keynote up to 0.x on Rails. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lib/keynote/rumble.rb. The manipulation of the argument value leads to cross site scripting. The attack may be launched remotely. Upgradin...
CVE-2017-20159 rf Keynote rumble.rb cross site scripting
A vulnerability was found in rf Keynote up to 0.x on Rails. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lib/keynote/rumble.rb. The manipulation of the argument value leads to cross site scripting. The attack may be launched remotely. Upgradin...