OSVDB-126329 (sidekiq-pro): Sidekiq Pro Gem for Ruby web/views/batch.erb Class and ErrorMessage Elements Reflected XSS

May 11th, 2015

Sidekiq Pro Gem for Ruby web/views/batch.erb Class and ErrorMessage Elements Reflected XSS

Published: May 11, 2015

SECURITY IDENTIFIERS

OSVDB: OSVDB-126329
Vendor Advisory: https://github.com/sidekiq/sidekiq/blob/main/Pro-Changes.md#202

GEM

PATCHED VERSIONS

>= 2.0.2

DESCRIPTION

XSS via batch failure error_class and error_message in Sidekiq::Web

RELATED