FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-24 21:00:48 UTC

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML ID	Description
c368155a-fa83-11e4-bc58-001e67150279	rubygem-redcarpet -- XSS vulnerability Daniel LeCheminant reports: When markdown is being presented as HTML, there seems to be a strange interaction between _ and @ that lets an attacker insert malicious tags. Discovery 2015-04-07 Entry 2015-05-14 rubygem-redcarpet < 3.2.3 http://openwall.com/lists/oss-security/2015/04/07/11 https://hackerone.com/reports/46916 http://danlec.com/blog/bug-in-sundown-and-redcarpet

VuXML ID

Description

c368155a-fa83-11e4-bc58-001e67150279

rubygem-redcarpet -- XSS vulnerability

Daniel LeCheminant reports:

When markdown is being presented as HTML, there seems to be a strange interaction between _ and @ that lets an attacker insert malicious tags.

Discovery 2015-04-07
Entry 2015-05-14
rubygem-redcarpet

< 3.2.3

http://openwall.com/lists/oss-security/2015/04/07/11
https://hackerone.com/reports/46916
http://danlec.com/blog/bug-in-sundown-and-redcarpet