Low severityNVD Advisory· Published Jun 28, 2023· Updated Nov 6, 2024
Cross-site Scripting (XSS) - Stored in spinacms/spina
CVE-2023-3445
Description
Cross-site Scripting (XSS) - Stored in GitHub repository spinacms/spina prior to 2.15.1.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
spinaRubyGems | < 2.15.1 | 2.15.1 |
Affected products
2- spinacms/spinacms/spinav5Range: unspecified
Patches
Vulnerability mechanics
References
5- github.com/advisories/GHSA-97wh-6hmj-g8j9ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-3445ghsaADVISORY
- github.com/rubysec/ruby-advisory-db/blob/master/gems/spina/CVE-2023-3445.ymlghsaWEB
- github.com/spinacms/spina/commit/9adfe7b4807b3cc10dbb7351a26cc32f5d8c14a3ghsaWEB
- huntr.dev/bounties/18a74a9d-4a2d-4bf8-ae62-56a909427070ghsaWEB
News mentions
0No linked articles in our index yet.