RubyGems i18n Cross Site Scripting Vulnerability

Bugtraq ID: 64076
Class: Input Validation Error
CVE: CVE-2013-4491
CVE-2013-4492
Remote: Yes
Local: No
Published: Dec 03 2013 12:00AM
Updated: Apr 13 2015 09:56PM
Credit: Peter McLarnan of Matasano Security.
Vulnerable: SuSE WebYaST 1.3
+ S.u.S.E. Linux 8.1
+ S.u.S.E. Linux Personal 9.1
+ S.u.S.E. Linux Personal 9.0 x86_64
+ S.u.S.E. Linux Personal 9.0
+ S.u.S.E. Linux Personal 8.2
SuSE Studio Onsite 1.3
SuSE Lifecycle Management Server 1.3
S.u.S.E. openSUSE 13.1
S.u.S.E. openSUSE 12.3
S.u.S.E. openSUSE 12.2
RubyGems i18n 0.6.5
RubyGems i18n 0.5.0
Ruby on Rails Ruby on Rails 4.0.1
Ruby on Rails Ruby on Rails 4.0
Ruby on Rails Ruby on Rails 3.2.13
Ruby on Rails Ruby on Rails 3.2.12
Ruby on Rails Ruby on Rails 3.2.11
Ruby on Rails Ruby on Rails 3.2.10
Ruby on Rails Ruby on Rails 3.2.8
Ruby on Rails Ruby on Rails 3.2.7
Ruby on Rails Ruby on Rails 3.2.6
Ruby on Rails Ruby on Rails 3.2.4
Ruby on Rails Ruby on Rails 3.2.2
Ruby on Rails Ruby on Rails 3.1.12
Ruby on Rails Ruby on Rails 3.1.11
Ruby on Rails Ruby on Rails 3.1.9
Ruby on Rails Ruby on Rails 3.1.8
Ruby on Rails Ruby on Rails 3.1.7
Ruby on Rails Ruby on Rails 3.1.6
Ruby on Rails Ruby on Rails 3.1.5
Ruby on Rails Ruby on Rails 3.1.4
Ruby on Rails Ruby on Rails 3.1.2
Ruby on Rails Ruby on Rails 3.1
Ruby on Rails Ruby on Rails 3.0.6
Ruby on Rails Ruby on Rails 3.2.15
Ruby on Rails Ruby on Rails 3.2
Ruby on Rails Ruby on Rails 3.0.8
Ruby on Rails Ruby on Rails 3.0.7
Redhat Software Collections 1 for RHEL 6 0
Redhat OpenStack 3.0
Puppetlabs Puppet Enterprise 3.1
OPSCODE Chef 11.1.2
IBM Security Network Protection XGS 5100 5.1.1
IBM Security Network Protection XGS 5100 5.1
IBM Security Network Protection XGS 5.1.2
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: RubyGems i18n 0.6.6
RubyGems i18n 0.5.1
Ruby on Rails Ruby on Rails 4.0.2
Ruby on Rails Ruby on Rails 3.2.16
Puppetlabs Puppet Enterprise 3.1.1
OPSCODE Chef 11.1.3


 

Privacy Statement
Copyright 2010, SecurityFocus