Description
Cross-site scripting (XSS) vulnerability in the viewfile documentation command in Caucho Resin before 3.0.25, and 3.1.x before 3.1.4, allows remote attackers to inject arbitrary web script or HTML via the file parameter.
Remediation
References
Related Vulnerabilities
Ruby on Rails Memory Allocation with Excessive Size Value Vulnerability (CVE-2026-33174)
Ruby Out-of-bounds Write Vulnerability (CVE-2016-2338)
WordPress Plugin Product Addons & Fields for WooCommerce Same Origin Method Execution (SOME) (14.0)
WordPress Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2012-3384)