7107 today
    The tale of an XSS in Phlex (CVE-2024-32463) | Greg Molnar

    The tale of an XSS in Phlex (CVE-2024-32463) | Greg Molnar

    19-Apr-2024 1092
    Phlex is a Ruby gem for building HTML components. Even though the HTML specification permits the usage of the javascript scheme in the href attribute of an anchor tag, Phlex doesn’t permit it to prevent an accidental XSS. When I had an initial look at the gem around its inception, I didn’t really checked how this filtering works, but a Twitter exchange with Joel reminded me to see if it can be bypassed somehow.
    Read more /
    Use coupon code:

    RUBYONRAILS

    to get 30% discount on our bundle!
    Prepare for your next tech interview with our comprehensive collection of programming interview guides. Covering JavaScript, Ruby on Rails, React, and Python, these highly-rated books offer thousands of essential questions and answers to boost your interview success. Buy our 'Ultimate Job Interview Preparation eBook Bundle' featuring 2200+ questions across multiple languages. Ultimate Job Interview Preparation eBook Bundle

    Bestseller

    Ruby Interview Questions

    Tags

    #Phlex #(CVE-2024-32463) #Molnar

    Related Links

    Where is Copilot Taking Us?
    Mastering Time Complexity in Ruby: A Comprehensive Guide with Code Examples and Tests - DEV Community
    Form objects decoupled from models.
    Bundler: A more secure bundler: We fixed our source priorities.
    What not to forget when implementing a pattern-matching in Ruby for custom objects

    Useful Links

    Quick Links

    Get in Touch

    Ruby On Rails Bosnia

    [email protected]

    [10863, 6413, 3870, 12623, 11464, 13368, 27028]

    Ruby On Rails Bosnia © 2016

    Template By HTML Codex