Lucene search
Veracode Vulnerability DatabaseVERACODE:38722HistoryJan 02, 2023 - 3:00 p.m.
Cross-Site Scripting (XSS)
2023-01-0215:00:14
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
8
cross-site scripting
oxidized-web
conf_search.haml
manipulation
to_research
arbitrary javascript
vulnerability
software
EPSS
0.001
Percentile
40.7%
oxidized-web is vulnerable to cross-site scripting. The vulnerability exists in conf_search.haml due to manipulation of the argument to_research which allows an attacker to inject and execute arbitrary javascript.
Related
github
github
Oxidized Web vulnerable to Cross-site Scripting
2022-12-27 12:30:20
rubygems
rubygems
Oxidized Web vulnerable to Cross-site Scripting
2022-12-26 21:00:00
cve
cve
CVE-2019-25088
2022-12-27 10:15:10
osv
osv
Oxidized Web vulnerable to Cross-site Scripting
2022-12-27 12:30:20
CVE-2019-25088
2022-12-27 10:15:10
prion
prion
Cross site scripting
2022-12-27 10:15:00
nvd
nvd
CVE-2019-25088
2022-12-27 10:15:10
cvelist
cvelist
CVE-2019-25088 ytti Oxidized Web conf_search.haml cross site scripting
2022-12-27 09:41:31