oxidized-web 0.7.0
1 security vulnerability
found in version
0.7.0
Oxidized Web vulnerable to Cross-site Scripting
medium severity CVE-2019-25088
medium severity
CVE-2019-25088
A vulnerability was found in ytti Oxidized Web. It has been classified
as problematic. Affected is an unknown function of the file lib/oxidized/web/views/conf_search.haml.
The manipulation of the argument to_research leads to cross site scripting. It
is possible to launch the attack remotely. The name of the patch is 55ab9bdc68b03ebce9280b8746ef31d7fdedcc45.
It is recommended to apply a patch to fix this issue. VDB-216870 is the identifier
assigned to this vulnerability.
No officially reported memory leakage issues detected.
This gem version does not have any officially reported memory leaked issues.
No license issues detected.
This gem version has a license in the gemspec.
This gem version is available.
This gem version has not been yanked and is still available for usage.