CVE-2013-0256
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.
Cross-site Scripting
Vendor | Product | Version |
---|---|---|
ruby-lang | rdoc | 2.3.0 ≤ 𝑥 < 3.12 |
ruby-lang | rdoc | 4.0.0 |
ruby-lang | ruby | 1.9 |
ruby-lang | ruby | 1.9.1 |
ruby-lang | ruby | 1.9.2 |
ruby-lang | ruby | 1.9.3 |
ruby-lang | ruby | 1.9.3 |
ruby-lang | ruby | 1.9.3 |
ruby-lang | ruby | 1.9.3 |
ruby-lang | ruby | 1.9.3 |
ruby-lang | ruby | 1.9.3 |
ruby-lang | ruby | 2.0 |
ruby-lang | ruby | 2.0.0 |
ruby-lang | ruby | 2.0.0 |
ruby-lang | ruby | 2.0.0 |
canonical | ubuntu_linux | 12.04 |
canonical | ubuntu_linux | 12.10 |
Ubuntu Releases
Ubuntu Product | |||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
ruby-defaults |
| ||||||||||||||
ruby1.8 |
| ||||||||||||||
ruby1.9 |
| ||||||||||||||
ruby1.9.1 |
|
Common Weakness Enumeration