File tree Expand file tree Collapse file tree 1 file changed +39
-0
lines changed Expand file tree Collapse file tree 1 file changed +39
-0
lines changed Original file line number Diff line number Diff line change 1+ ---
2+ gem : rwiki
3+ cve : 2006-2581
4+ ghsa : gvhx-gj42-m28v
5+ url : https://web.archive.org/web/20090501134922/http://www2a.biglobe.ne.jp/~seki/ruby/rwiki.html
6+ title : RWiki before 2.1.1 has cross-site scripting vulnerability
7+ date : 2006-05-14
8+ description : |
9+ Cross-site scripting (XSS) vulnerability in Wiki content in
10+ RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to inject
11+ arbitrary web script or HTML via unknown attack vectors.
12+ cvss_v2 : 4.3
13+ unaffected_versions :
14+ - " < 2.1.0pre1"
15+ patched_versions :
16+ - " >= 2.1.1"
17+ related :
18+ cve :
19+ - 2006-2582
20+ ghsa :
21+ - wwmf-6p58-6vj2
22+ url :
23+ - https://nvd.nist.gov/vuln/detail/CVE-2006-2581
24+ - https://exchange.xforce.ibmcloud.com/vulnerabilities/26664
25+ - https://github.com/advisories/GHSA-wwmf-6p58-6vj2
26+ - https://github.com/advisories/GHSA-gvhx-gj42-m28v
27+ - https://rubygems.org/gems/rwiki
28+ - https://web.archive.org/web/20090501134922/http://www2a.biglobe.ne.jp/~seki/ruby/rwiki.html
29+ - https://web.archive.org/web/20090504061152/http://pub.cozmixng.org/~the-rwiki/rw-cgi.rb?cmd=view;name=top
30+ - https://web.archive.org/web/20081201080215/http://secunia.com/advisories/20264
31+ - https://web.archive.org/web/20090524010623/http://www.vupen.com/english/advisories/2006/1949
32+ notes : |
33+ - Best references are in Japanese.
34+ - Source code link on rubygems.org goes to
35+ lucassus/rwiki (last version 0.2.5, not 2.1.1).
36+ - Found two other repos:
37+ - https://github.com/rwiki/rwiki
38+ - https://github.com/ytakhs/rwiki
39+ - CWE: [NVD-CWE-Other] MODERATE
You can’t perform that action at this time.
0 commit comments