ADVISORIES

• CVE-2006-2581 (NVD)
• GHSA-gvhx-gj42-m28v
• Vendor Advisory

GEM

rwiki

SEVERITY

CVSS v2.0: 4.3 (Medium)

UNAFFECTED VERSIONS

• < 2.1.0pre1

PATCHED VERSIONS

• >= 2.1.1

DESCRIPTION

Cross-site scripting (XSS) vulnerability in Wiki content in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

RELATED

• CVE-2006-2582 (NVD)
• GHSA-wwmf-6p58-6vj2
• https://nvd.nist.gov/vuln/detail/CVE-2006-2581
• https://exchange.xforce.ibmcloud.com/vulnerabilities/26664
• https://github.com/advisories/GHSA-wwmf-6p58-6vj2
• https://github.com/advisories/GHSA-gvhx-gj42-m28v
• https://rubygems.org/gems/rwiki
• https://web.archive.org/web/20090501134922/http://www2a.biglobe.ne.jp/~seki/ruby/rwiki.html
• https://web.archive.org/web/20090504061152/http://pub.cozmixng.org/~the-rwiki/rw-cgi.rb?cmd=view;name=top
• https://web.archive.org/web/20081201080215/http://secunia.com/advisories/20264
• https://web.archive.org/web/20090524010623/http://www.vupen.com/english/advisories/2006/1949