Headline
GHSA-4mvm-xh8j-fv27: Duplicate Advisory: govuk_tech_docs vulnerable to unescaped HTML on search results page
Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-x2xw-hw8g-6773. This link is maintained to preserve external references.
Original Description
govuk_tech_docs versions from 2.0.2 to before 3.3.1 are affected by a cross-site scripting vulnerability. Malicious JavaScript may be executed in the user’s browser if a malicious search result is displayed on the search page.
Low severity • GitHub Reviewed • Published Jan 4, 2024 to the GitHub Advisory Database • Updated Jan 5, 2024
Withdrawn: This advisory was withdrawn on Jan 5, 2024
Package
bundler govuk_tech_docs (RubyGems)
Affected versions
>= 2.0.2, < 3.3.1
Description
Published by the National Vulnerability Database
Jan 4, 2024
Published to the GitHub Advisory Database
Jan 4, 2024