CVE-2018-11627

Published: 31/05/2018 Updated: 26/02/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

Sinatra prior to 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.

Vulnerable Product

sinatrarb sinatra

redhat cloudforms 4.7

redhat cloudforms 4.6

Vendor Advisories

Synopsis: Moderate: CloudForms 4.7 security, bug fix and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for CloudForms Management Engine 510. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring S ...
Synopsis: Moderate: CloudForms 4.6.8 security, bug fix and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: An update is now available for CloudForms Management Engine 59. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring ...
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception ...