5205 today
    The tale of an XSS in Phlex (CVE-2024-32463) | Greg Molnar

    The tale of an XSS in Phlex (CVE-2024-32463) | Greg Molnar

    19-Apr-2024 1036
    Phlex is a Ruby gem for building HTML components. Even though the HTML specification permits the usage of the javascript scheme in the href attribute of an anchor tag, Phlex doesn’t permit it to prevent an accidental XSS. When I had an initial look at the gem around its inception, I didn’t really checked how this filtering works, but a Twitter exchange with Joel reminded me to see if it can be bypassed somehow.
    Read more /
    Use coupon code:

    RUBYONRAILS

    to get 30% discount on our bundle!
    Prepare for your next tech interview with our comprehensive collection of programming interview guides. Covering JavaScript, Ruby on Rails, React, and Python, these highly-rated books offer thousands of essential questions and answers to boost your interview success. Buy our 'Ultimate Job Interview Preparation eBook Bundle' featuring 2200+ questions across multiple languages. Ultimate Job Interview Preparation eBook Bundle

    Bestseller

    Ruby Interview Questions

    Tags

    #Phlex #(CVE-2024-32463) #Molnar

    Related Links

    Percona Migrator Announcement
    Ruby on Rails = Gamechanger
    How do you tell which areas of a project's test suite need attention?
    Testing with RSpec book May 2024 status report | Everyday Rails
    Best 5 Open Source Ruby On Rails CMS

    Useful Links

    Quick Links

    Get in Touch

    Ruby On Rails Bosnia

    [email protected]

    Ruby On Rails Bosnia © 2016

    Template By HTML Codex