CVE-2019-25088

Source

https://nvd.nist.gov/vuln/detail/CVE-2019-25088

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-25088.json

Aliases

GHSA-8qwh-rm6c-jv96

Published

2022-12-27T10:15:10Z

Modified

2024-04-11T04:54:55.518304Z

Details

A vulnerability was found in ytti Oxidized Web. It has been classified as problematic. Affected is an unknown function of the file lib/oxidized/web/views/confsearch.haml. The manipulation of the argument toresearch leads to cross site scripting. It is possible to launch the attack remotely. The name of the patch is 55ab9bdc68b03ebce9280b8746ef31d7fdedcc45. It is recommended to apply a patch to fix this issue. VDB-216870 is the identifier assigned to this vulnerability.

References

Affected packages

Git / github.com/ytti/oxidized-web

Affected ranges

Type: GIT
Repo: https://github.com/ytti/oxidized-web
Events: Introduced

0The exact introduced commit is unknown

Fixed

55ab9bdc68b03ebce9280b8746ef31d7fdedcc45

Affected versions

0.*

0.0.1

0.0.2

0.0.3

0.1.0

0.1.1

0.1.2

0.10.0

0.10.1

0.10.2

0.11.0

0.11.1

0.12.0

0.12.1

0.13.0

0.13.1

0.5.0

0.5.1

0.5.2

0.6.0

0.6.1

0.7.0

0.7.1

0.8.0

0.9.0

0.9.1

0.9.2

0.9.3

012.*

012.1