4 matches found
rubygem-will_paginate: XSS vulnerabilities
It was found that ruby willpaginate is vulnerable to a XSS via malformed input that cause pagination to occur on an improper boundary. This could allow an attacker with the ability to pass data to the willpaginate gem to display arbitrary HTML including scripting code within the web interface...
MGASA-2014-0054 Updated ruby-will_paginate package fixes CVE-2013-6459
Updated ruby-willpaginate packages fix security vulnerability: Cross-Site Scripting XSS vulnerabilities were found in willpaginate gem for Ruby, where certain input related to generated pagination links were not properly sanitised before being returned. This could be exploited to execute arbitrar...
DEBIAN-CVE-2013-6459
Cross-site scripting XSS vulnerability in the willpaginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links...
UBUNTU-CVE-2013-6459
Cross-site scripting XSS vulnerability in the willpaginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links...