CVE-2020-5241

HIGH

matestack-ui-core < 0.7.4 - Cross-Site Scripting

Title source: llm
STIX 2.1

Description

matestack-ui-core (RubyGem) before 0.7.4 is vulnerable to XSS/Script injection. This vulnerability is patched in version 0.7.4.

References (1)

Core 1
Core References

Scores

CVSS v3 7.7
EPSS 0.0034
EPSS Percentile 56.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:H/A:N

Details

CWE
CWE-80 CWE-79
Status published
Products (2)
matestack/ui-core < 0.7.4
rubygems/matestack-ui-core 0 - 0.7.4RubyGems
Published Feb 13, 2020
Tracked Since Feb 18, 2026