Summary: | <dev-ruby/will_paginate-3.0.5: Cross-Site Scripting Vulnerabilities (CVE-2013-6459) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | trivial | CC: | ruby |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://secunia.com/advisories/56180/ | ||
Whiteboard: | ~4 [noglsa] | ||
Package list: | Runtime testing required: | --- |
Description
Agostino Sarubbo
2013-12-24 11:53:59 UTC
will_paginate 3.0.5 is already in the tree for a few months, and I've just remove the older vulnerable versions. No stable versions. Thank you much, closing noglsa. CVE-2013-6459 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-6459): Cross-site scripting (XSS) vulnerability in the will_paginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links. |