Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
Related vulnerabilities
GSD-2013-4318
Vulnerability from gsd - Updated: 2013-09-01 00:00Details
Features Gem for Ruby contains a flaw that allows a local cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain input upon submission to /tmp/out.html. This may allow an attacker to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2013-4318",
"description": "File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory.",
"id": "GSD-2013-4318"
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "features",
"purl": "pkg:gem/features"
}
}
],
"aliases": [
"CVE-2013-4318",
"OSVDB-96975"
],
"details": "Features Gem for Ruby contains a flaw that allows a local cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain input upon submission to /tmp/out.html. This may allow an attacker to create a specially crafted request that would execute arbitrary script code in a user\u0027s browser within the trust relationship between their browser and the server.",
"id": "GSD-2013-4318",
"modified": "2013-09-01T00:00:00.000Z",
"published": "2013-09-01T00:00:00.000Z",
"references": [
{
"type": "WEB",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4318"
}
],
"schema_version": "1.4.0",
"summary": "Features Gem for Ruby /tmp/out.html Local XSS"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4318",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Features",
"version": {
"version_data": [
{
"version_value": "0.3.0"
}
]
}
}
]
},
"vendor_name": "Features"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://security-tracker.debian.org/tracker/CVE-2013-4318",
"refsource": "MISC",
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4318"
},
{
"name": "http://www.openwall.com/lists/oss-security/2013/09/09/10",
"refsource": "MISC",
"url": "http://www.openwall.com/lists/oss-security/2013/09/09/10"
}
]
}
},
"github.com/rubysec/ruby-advisory-db": {
"cve": "2013-4318",
"date": "2013-09-01",
"description": "Features Gem for Ruby contains a flaw that allows a local cross-site scripting (XSS) attack. This flaw exists because the application does not validate certain input upon submission to /tmp/out.html. This may allow an attacker to create a specially crafted request that would execute arbitrary script code in a user\u0027s browser within the trust relationship between their browser and the server.",
"gem": "features",
"osvdb": 96975,
"title": "Features Gem for Ruby /tmp/out.html Local XSS",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2013-4318"
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003e=0.3.0",
"affected_versions": "All versions starting from 0.3.0",
"cwe_ids": [
"CWE-1035",
"CWE-74",
"CWE-937"
],
"date": "2013-09-09",
"description": "A malicious user creating /tmp/out.html first and repeatedly writing to it can inject malicious html into the file right before it is opened. PoC: nobody () sp0rk:/$ while (true); do echo \"\u003cscript\u003e alert(\u0027Hello\u0027); \u003c/script\u003e\" \u003e\u003e /tmp/out.html; done Will pop up a javascript alert in other gem users browser.",
"fixed_versions": [],
"identifier": "CVE-2013-4318",
"identifiers": [
"CVE-2013-4318"
],
"package_slug": "gem/features",
"pubdate": "2013-09-09",
"title": "/tmp file injection vulnerability",
"urls": [
"http://seclists.org/oss-sec/2013/q3/571"
],
"uuid": "4974f2da-b4fb-4735-a4a7-0affe5eab05d"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:feature_project:feature:0.3.0:*:*:*:*:ruby:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-4318"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "File injection vulnerability in Ruby gem Features 0.3.0 allows remote attackers to inject malicious html in the /tmp directory."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-74"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.openwall.com/lists/oss-security/2013/09/09/10",
"refsource": "MISC",
"tags": [
"Exploit",
"Mailing List",
"Third Party Advisory"
],
"url": "http://www.openwall.com/lists/oss-security/2013/09/09/10"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2013-4318",
"refsource": "MISC",
"tags": [
"Third Party Advisory"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2013-4318"
}
]
}
},
"impact": {
"baseMetricV2": {
"acInsufInfo": false,
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "NONE",
"baseScore": 3.5,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:S/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 6.8,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "LOW",
"userInteractionRequired": true
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7
}
},
"lastModifiedDate": "2020-01-02T16:31Z",
"publishedDate": "2019-12-26T21:15Z"
}
}
}