Launch Week Day 1: Announcing Security Design Review
Start for Free
rubygems

phlex

View on rubygems registry
4 Total advisories
4 Vulnerabilities
0 Malware

Vulnerabilities

HIGH 7.1
RubyGems

GHSA-w67g-2h6v-vjgq

Phlex XSS protection bypass via attribute splatting, dynamic tags, and href values
HIGH 7.1
RubyGems

CVE-2024-32970

Phlex vulnerable to Cross-site Scripting (XSS) via maliciously formed HTML attribute names and values
HIGH 7.1
RubyGems

CVE-2024-32463

Cross-site Scripting (XSS) possible due to improper sanitisation of `href` attributes on `<a>` tags
HIGH 7.1
RubyGems

CVE-2024-28199

Cross-site Scripting (XSS) possible with maliciously formed HTML attribute names and values in Phlex

Ready to move

Start Securing

Start for Free Get Demo

Free, no credit card | First findings in minutes