CVE-2018-11627

Published May 31st, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

4.3

MEDIUM

Affected

1

PROJECT

Description

Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.

sinatra/sinatra

Classy web-development dressed in a DSL (official / canonical repo)

GitHub

12.4K