Providing security resources for the Ruby community.
Follow us @rubysec or email us via info at

Advisory Archive


gem: radiant
date: 2018-02-19
cve: 2018-7261
title: Multiple persistent XSS vulnerabilities in Radiant CMS
description: |
  There are multiple Persistent XSS vulnerabilities in Radiant CMS.
  They affect Personal Preferences (Name and Username) and Configuration (Site Title,
  Dev Site Domain, Page Parts, and Page Fields).
cvss_v2: '3.5'
cvss_v3: '5.4'