CVE-2020-11082

Summary

In Kaminari before 1.2.1, there is a vulnerability that would allow an attacker to inject arbitrary code into pages with pagination links. This has been fixed in 1.2.1.

Affected Software

VendorProductVersion RangeStatus
kaminariKaminari< 1.2.1affected

Weaknesses

  • CWE-79: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

ADP Enrichment

CVE Program Container

Additional References

References