Vulnerabilities in phlex-ruby
3 resultsCVE-2024-32970HIGHCross-site Scripting (XSS) possible with maliciously formed HTML attribute names and values in PhlexEPSS 0.7%CVE-2024-28199HIGHCross-site Scripting (XSS) possible with maliciously formed HTML attribute names and values in PhlexEPSS 0.6%CVE-2024-32463HIGHphlex makes Cross-site Scripting (XSS) possible due to improper sanitisation of `href` attributes on `<a>` tagsEPSS 0.6%