0.008 Low
EPSS
Percentile
81.7%
rack is vulnerable to cross-site scripting (XSS) attacks. The vulnerability exists due to the lack of sanitization on the data returned by the scheme method in Rack::Request, allowing XSS attacks.
scheme
Rack::Request
github.com/rack/rack/commit/313dd6a05a5924ed6c82072299c53fed09e39ae7
github.com/rack/rack/commit/97ca63d87d88b4088fb1995b14103d4fe6a5e594
github.com/rubysec/ruby-advisory-db/pull/369