CVE-2020-16254

CVE-2020-16254

EPSS 0.8%

The Chartkick gem through 3.3.2 for Ruby allows Cascading Style Sheets (CSS) Injection (without attribute).

Produtos afetados

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →

Referências

https://github.com/ankane/chartkick https://github.com/ankane/chartkick/issues/546