CVE-2018-11627

Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.
Configurations

Configuration 1 (hide)

cpe:2.3:a:sinatrarb:sinatra:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:redhat:cloudforms:4.6:*:*:*:*:*:*:*
cpe:2.3:a:redhat:cloudforms:4.7:*:*:*:*:*:*:*

History

No history.

Information

Published : 2018-05-31 19:29

Updated : 2024-02-04 19:46


NVD link : CVE-2018-11627

Mitre link : CVE-2018-11627

CVE.ORG link : CVE-2018-11627


JSON object : View

Products Affected

sinatrarb

  • sinatra

redhat

  • cloudforms
CWE
CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')