Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:joshua_peek:rack-ssl:1.3.0:*:*:*:*:ruby:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2014-2538 |
Cross-site scripting (XSS) vulnerability in lib/rack/ssl.rb in the rack-ssl gem before 1.4.0 for Ruby allows remote attackers to inject arbitrary web script or HTML via a URI, which might not be properly handled by third-party adapters such as JRuby-Rack. Published: March 25, 2014; 2:21:48 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |