RubyGems package
phlex
pkg:gem/phlex
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-32970 | Hig | 7.1 | < 1.9.3 | 1.9.3 | Apr 30, 2024 | Phlex is a framework for building object-oriented views in Ruby. In affected versions there is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. Since the last two vulnerabilities https://github.com/phlex-ruby/phlex/secu | |
| CVE-2024-32463 | Hig | 7.1 | >= 1.10.0, < 1.10.1 | 1.10.1 | Apr 17, 2024 | phlex is an open source framework for building object-oriented views in Ruby. There is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. The filter to detect and prevent the use of the `javascript:` URL scheme in the `hr | |
| CVE-2024-28199 | — | >= 1.9.0, < 1.9.1 | 1.9.1 | Mar 11, 2024 | phlex is an open source framework for building object-oriented views in Ruby. There is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. This was due to improper case-sensitivity in the code that was meant to prevent the |
- affected < 1.9.3fixed 1.9.3
Phlex is a framework for building object-oriented views in Ruby. In affected versions there is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. Since the last two vulnerabilities https://github.com/phlex-ruby/phlex/secu
- affected >= 1.10.0, < 1.10.1fixed 1.10.1
phlex is an open source framework for building object-oriented views in Ruby. There is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. The filter to detect and prevent the use of the `javascript:` URL scheme in the `hr
- CVE-2024-28199Mar 11, 2024affected >= 1.9.0, < 1.9.1fixed 1.9.1
phlex is an open source framework for building object-oriented views in Ruby. There is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. This was due to improper case-sensitivity in the code that was meant to prevent the