CVE-2018-3769

CVE-2018-3769

EPSS 1.4%CWE-79

ruby-grape ruby gem suffers from a cross-site scripting (XSS) vulnerability via "format" parameter.

Affected products

Ruby Grape · ruby-grape ruby gem

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/ruby-grape/grape/commit/6876b71efc7b03f7ce1be3f075eaa4e7e6de19af https://github.com/ruby-grape/grape/issues/1762 https://github.com/ruby-grape/grape/pull/1763