GHSA-3jqw-vv45-mjhh
Suggest an improvement- Source
- https://github.com/advisories/GHSA-3jqw-vv45-mjhh
- Import Source
- https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2020/02/GHSA-3jqw-vv45-mjhh/GHSA-3jqw-vv45-mjhh.json
- JSON Data
- https://api.osv.dev/v1/vulns/GHSA-3jqw-vv45-mjhh
- Aliases
- Published
- 2020-02-12T23:37:46Z
- Modified
- 2023-11-08T04:03:52.722863Z
- Severity
-
- 7.7 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N CVSS Calculator
- Summary
- XSS/Script injection vulnerability in matestack
- Details
-
matestack-ui-core (RubyGem) before 0.7.4 is vulnerable to XSS/Script injection.
This vulnerability is patched in version 0.7.4.
- Database specific
{ "nvd_published_at": null, "cwe_ids": [ "CWE-80" ], "severity": "HIGH", "github_reviewed": true, "github_reviewed_at": "2020-02-12T23:37:29Z" }- References
-
- https://github.com/matestack/matestack-ui-core/security/advisories/GHSA-3jqw-vv45-mjhh
- https://nvd.nist.gov/vuln/detail/CVE-2020-5241
- https://github.com/matestack/matestack-ui-core/commit/5c61571739e860db9ca578fe09ab4733878cb0fc
- https://github.com/matestack/matestack-ui-core/commit/e96915cf20c4fa0571df7fa21e9b09a69be19107
- https://github.com/matestack/matestack-ui-core
- https://github.com/rubysec/ruby-advisory-db/blob/master/gems/matestack-ui-core/CVE-2020-5241.yml
Affected packages
RubyGems / matestack-ui-core
Package
- Name
- matestack-ui-core
- Purl
- pkg:gem/matestack-ui-core