EPSS
Percentile
39.5%
grape is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists through error.rb where a rendered response could cause XSS attacks.
error.rb
github.com/ctennis/grape/commit/e209ec029ddd03a1e195a1405249cf07ebe3edee
github.com/ruby-grape/grape/commit/6876b71efc7b03f7ce1be3f075eaa4e7e6de19af
github.com/ruby-grape/grape/issues/1762
github.com/ruby-grape/grape/pull/1763