ADVISORIES
GEM
SEVERITY
CVSS v3.x: 6.1 (Medium)
UNAFFECTED VERSIONS
- < 2.0.0.beta1
- = 2.0.0-alpha
PATCHED VERSIONS
- >= 2.0.2
DESCRIPTION
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.
| Get Updates: | Via Atom | On Twitter | On GitHub |
RubySec
Providing security resources for the Ruby community