CVE-2023-1892 (sidekiq): sidekiq vulnerable to cross-site scripting

sidekiq vulnerable to cross-site scripting

Published: April 21, 2023

CVE: CVE-2023-1892 (NVD)
GHSA: GHSA-h3r8-h5qw-4r35
Vendor Advisory: https://github.com/sidekiq/sidekiq/commit/458fdf74176a9881478c48dc5cf0269107b22214

CVSS v3.x: 8.3 (High)

< 7.0.4

>= 7.0.8

sidekiq from 7.0.4 to 7.0.7 is vulnerable to reflected cross-site scripting. A fix was released in version 7.0.8.