CVE-2018-16471
MEDIUMRack < 1.6.11 and 2.0.0-2.0.6 - Cross-Site Scripting via Scheme Method
Title source: llmDescription
There is a possible XSS vulnerability in Rack before 2.0.6 and 1.6.11. Carefully crafted requests can impact the data returned by the `scheme` method on `Rack::Request`. Applications that expect the scheme to be limited to 'http' or 'https' and do not escape the return value could be vulnerable to an XSS attack. Note that applications using the normal escaping mechanisms provided by Rails may not impacted, but applications that bypass the escaping mechanisms, or do not use them may be vulnerable.
References (5)
Core 5
Core References
Mailing List x_refsource_misc
https://groups.google.com/forum/#%21topic/rubyonrails-security/GKsAFT924Ag
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2018/11/msg00022.html
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00032.html
Vendor Advisory vendor-advisory
x_refsource_ubuntu
https://usn.ubuntu.com/4089-1/
Mailing List vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00016.html
Scores
CVSS v3
6.1
EPSS
0.0083
EPSS Percentile
74.8%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Details
CWE
CWE-79
Status
published
Products (3)
debian/debian_linux
8.0
rack_project/rack
1.6.0 - 1.6.11
rubygems/rack
2.0.0 - 2.0.6RubyGems
Published
Nov 13, 2018
Tracked Since
Feb 18, 2026