CVE-2013-6459

Mislav Marohnic Will Paginate < 3.0.4 - XSS

Title source: rule

Description

Cross-site scripting (XSS) vulnerability in the will_paginate gem before 3.0.5 for Ruby allows remote attackers to inject arbitrary web script or HTML via vectors involving generated pagination links.

References (4)

[Vendor Advisory] http://secunia.com/advisories/56180

[Vendor Advisory] https://access.redhat.com/errata/RHSA-2018:0336

[Patch, Vendor Advisory] https://github.com/mislav/will_paginate/releases/tag/v3.0.5

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/64509

Scores

EPSS 0.0036

EPSS Percentile 58.1%

Details

CWE

CWE-79

Status published

Products (7)

mislav_marohnic/will_paginate < 3.0.4

mislav_marohnic/will_paginate

rubygems/will_paginate < 3.0.5RubyGems

n/a/n/a

Published Dec 31, 2013

Tracked Since Feb 18, 2026