Lucene search
Veracode Vulnerability DatabaseVERACODE:40267HistoryApr 24, 2023 - 9:21 a.m.
Cross-Site Scripting (XSS)
2023-04-2409:21:11
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
cross-site scripting
vulnerability
sidekiq
user-input sanitization
javascript
browser endpoint
EPSS
0.027
Percentile
90.6%
sidekiq is vulnerable to Cross-Site Scripting (XSS). The vulnerability is due to a lack of user-input sanitization in application.rb which allows an attacker to inject and execute arbitrary JavaScript into the browser through the /metric endpoint.
Related
huntr
huntr
Reflected XSS on Sidekiq through multiples endpoints via GET parameter "period"
2023-04-02 21:39:17
osv
osv
sidekiq vulnerable to cross-site scripting
2023-04-21 06:30:19
CVE-2023-1892
2023-04-21 05:15:07
XSS sidekiq-unique-jobs UI server vulnerability
2024-02-13 18:34:16
github
github
sidekiq vulnerable to cross-site scripting
2023-04-21 06:30:19
XSS sidekiq-unique-jobs UI server vulnerability
2024-02-13 18:34:16
debiancve
debiancve
CVE-2023-1892
2023-04-21 05:15:07
ubuntucve
ubuntucve
CVE-2023-1892
2023-04-21 00:00:00
redhatcve
redhatcve
CVE-2023-1892
2023-04-21 12:57:23
rubygems
rubygems
sidekiq vulnerable to cross-site scripting
2023-04-20 21:00:00
cvelist
cvelist
CVE-2023-1892 Cross-site Scripting (XSS) - Reflected in sidekiq/sidekiq
2023-04-05 00:00:00
cve
cve
CVE-2023-1892
2023-04-21 05:15:07
prion
prion
Cross site scripting
2023-04-21 05:15:00
nuclei
nuclei
Sidekiq < 7.0.8 - Cross-Site Scripting
2024-04-25 10:42:58
nvd
nvd
CVE-2023-1892
2023-04-21 05:15:07