CVE-2013-4318

CVE-2013-4318 affects the Ruby Gems Features package (Ruby Features 0.3.0). The issue is a file handling flaw where input submitted to /tmp/out.html is not properly validated, enabling a local cross-site scripting (XSS) attack. Some sources describe the risk as a local XSS, while others reference...