GHSA-4mvm-xh8j-fv27 – govuk_tech_docs

Package

Manager: gem
Name: govuk_tech_docs
Vulnerable Version: <0

Severity

Level: Low

CVSS v3.1: N/A

CVSS v4.0: N/A

EPSS: N/A pctlN/A

Details

Duplicate Advisory: govuk_tech_docs vulnerable to unescaped HTML on search results page ### Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-x2xw-hw8g-6773. This link is maintained to preserve external references. ### Original Description versions from 2.0.2 to before 3.3.1 are vulnerable to a cross-site scripting vulnerability. Malicious JavaScript may be executed in the user's browser if a malicious search result is displayed on the search page.

Metadata

Created: 2024-01-04T21:30:24Z
Modified: 2024-01-05T15:28:17Z
Source: https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2024/01/GHSA-4mvm-xh8j-fv27/GHSA-4mvm-xh8j-fv27.json
CWE IDs: ["CWE-79"]
Alternative ID: N/A
Finding: N/A
Auto approve: 0