CVE-2024-39311
Publify CVE-2024-39311 is a publicly documented XSS vulnerability in older Publify Rails apps. Before Publify 10.0.1 (and before publify_core 10.0.2), a publisher could trigger an administrator XSS via the redirect feature, requiring the admin to click a malicious link. Impact described includes ...