CVE-2023-50725

CVSS V2 None CVSS V3 None
Description
Resque is a Redis-backed Ruby library for creating background jobs, placing them on multiple queues, and processing them later. The following paths in resque-web have been found to be vulnerable to reflected XSS: "/failed/?class=<script>alert(document.cookie)</script>" and "/queues/><img src=a onerror=alert(document.cookie)>". This issue has been patched in version 2.2.1.
Overview
  • CVE ID
  • CVE-2023-50725
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2023-12-22T20:02:15.568Z
  • Last Modified Date
  • 2023-12-22T20:02:15.568Z
History
Created Old Value New Value Data Type Notes
2024-06-25 18:29:30 Added to TrackCVE