Eric Hodel

1 exploit Active since Mar 2013
CVE-2013-0256 WRITEUP WRITEUP
RDoc 2.3.0-3.12 and 4.x < 4.0.0.preview2.1 - Cross-Site Scripting via darkfish.js
darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.