VDB
MAGEIA-2014-54
MAGEIA-2014-54
PUBLISHED
Updated ruby-will_paginate packages fix security vulnerability: Cross-Site Scripting (XSS) vulnerabilities were found in will_paginate gem for Ruby, where certain input related to generated pagination links were not properly sanitised before being returned. This could be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. (CVE-2013-6459).
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Mageia | ruby-will_paginate | 3.0.3-3.1.mga3, 0, 3.0.3-3.1.mga3 |
| Mageia | desktop-common-data | 0, 3.6-1.mga4 |
Timeline
- Feb 11, 2014 CVE Updated
- Feb 11, 2014 CVE Published
References
- Updated ruby-will_paginate package fixes CVE-2013-6459 advisory
- Updated ruby-will_paginate package fixes CVE-2013-6459 issue
- Updated ruby-will_paginate package fixes CVE-2013-6459 issue
- Updated ruby-will_paginate package fixes CVE-2013-6459 issue
- Updated desktop-common-data package provides updated translations advisory
- Updated desktop-common-data package provides updated translations issue