VDB

MAGEIA-2014-54

MAGEIA-2014-54 PUBLISHED

Updated ruby-will_paginate packages fix security vulnerability: Cross-Site Scripting (XSS) vulnerabilities were found in will_paginate gem for Ruby, where certain input related to generated pagination links were not properly sanitised before being returned. This could be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. (CVE-2013-6459).

Affected Products

VendorProductVersions
Mageiaruby-will_paginate3.0.3-3.1.mga3, 0, 3.0.3-3.1.mga3
Mageiadesktop-common-data0, 3.6-1.mga4

Timeline

  • Feb 11, 2014 CVE Updated
  • Feb 11, 2014 CVE Published
Open in Interactive Console →
$ Console Community · 100/wk Open console ›