CVE-2006-2581 (rwiki): RWiki before 2.1.1 has cross-site scripting vulnerability

RWiki before 2.1.1 has cross-site scripting vulnerability

Published: May 14, 2006

SECURITY IDENTIFIERS

CVE: CVE-2006-2581 (NVD)
GHSA: GHSA-gvhx-gj42-m28v
Vendor Advisory: https://web.archive.org/web/20090501134922/http://www2a.biglobe.ne.jp/~seki/ruby/rwiki.html

GEM

rwiki

SEVERITY

CVSS v2.0: 4.3 (Medium)

UNAFFECTED VERSIONS

< 2.1.0pre1

PATCHED VERSIONS

>= 2.1.1

DESCRIPTION

Cross-site scripting (XSS) vulnerability in Wiki content in RWiki 2.1.0pre1 through 2.1.0 allows remote attackers to inject arbitrary web script or HTML via unknown attack vectors.

CVE-2006-2582 (NVD)
GHSA-wwmf-6p58-6vj2
https://nvd.nist.gov/vuln/detail/CVE-2006-2581
https://exchange.xforce.ibmcloud.com/vulnerabilities/26664
https://github.com/advisories/GHSA-wwmf-6p58-6vj2
https://github.com/advisories/GHSA-gvhx-gj42-m28v
https://rubygems.org/gems/rwiki
https://web.archive.org/web/20090501134922/http://www2a.biglobe.ne.jp/~seki/ruby/rwiki.html
https://web.archive.org/web/20090504061152/http://pub.cozmixng.org/~the-rwiki/rw-cgi.rb?cmd=view;name=top
https://web.archive.org/web/20081201080215/http://secunia.com/advisories/20264
https://web.archive.org/web/20090524010623/http://www.vupen.com/english/advisories/2006/1949

RubySec