Moderate severityNVD Advisory· Published May 28, 2020· Updated Aug 4, 2024
Cross-Site Scripting in Kaminari
CVE-2020-11082
Description
In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
kaminariRubyGems | < 1.2.1 | 1.2.1 |
Affected products
2Patches
Vulnerability mechanics
References
8- github.com/advisories/GHSA-r5jw-62xg-j433ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2020-11082ghsaADVISORY
- www.debian.org/security/2021/dsa-5005ghsavendor-advisoryx_refsource_DEBIANWEB
- github.com/github/advisory-review/pull/1020ghsax_refsource_MISCWEB
- github.com/kaminari/kaminari/commit/8dd52a1aed3d2fa2835d836de23fc0d8c4ff5db8ghsax_refsource_MISCWEB
- github.com/kaminari/kaminari/security/advisories/GHSA-r5jw-62xg-j433ghsax_refsource_CONFIRMWEB
- github.com/rubysec/ruby-advisory-db/blob/master/gems/kaminari/CVE-2020-11082.ymlghsaWEB
- lists.debian.org/debian-lts-announce/2021/09/msg00011.htmlghsamailing-listx_refsource_MLISTWEB
News mentions
0No linked articles in our index yet.