Security Advisory

CVE-2017-16792

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2017-11-13 09:00:00

Last updated 2024-08-05 20:35:21

Assigner mitre

State PUBLISHED

Description

Stored cross-site scripting (XSS) vulnerability in "geminabox" (Gem in a Box) before 0.13.10 allows attackers to inject arbitrary web script via the "homepage" value of a ".gemspec" file, related to views/gem.erb and views/index.erb.

← Browse all CVEs View on cve.org ↗