CVE-2013-2105
The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.
Ver en NVDSeveridad
N/A
EPSS
Probabilidad de explotación (próx. 30 días): 0.0012 (0.1%)
Percentil: 29.9%
EPSS: 2026-05-06
Afecta
jonathan_leung:show_in_browserDescripción técnica
The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.
Publicada: 22/4/2014, 14:23:33
Última modificación: 6/5/2026, 22:30:45
Referencias
- http://vapid.dhs.org/advisories/show_in_browser.html
- http://www.openwall.com/lists/oss-security/2013/05/18/4
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84378
- http://vapid.dhs.org/advisories/show_in_browser.html
- http://www.openwall.com/lists/oss-security/2013/05/18/4
- https://exchange.xforce.ibmcloud.com/vulnerabilities/84378