VDB

GCVE-110-MAGEIA-2018-449

GCVE-110-MAGEIA-2018-449
Advisory Published
Vulnetix · Advisory published November 15, 2018
There is a possible XSS vulnerability in Rack. Carefully crafted requests can impact the data returned by the `scheme` method on `Rack::Request`.Applications that expect the scheme to be limited to "http" or "https" and do not escape the return value could be vulnerable to an XSS attack (CVE-2018-16471).

Affected Products

VendorProductVersionsPlatforms
Mageiaruby-rack0 (affected), 1.6.11-1.mga6 (unaffected)

Browse GCVE Records

73,443 records in the GCVE database · Updated July 18, 2026

No matching records found.

Explore Further

Investigate this vulnerability in the interactive console or download the raw GCVE record.

$ Console Community · 100/wk Open console ›