CVE-2020-16255

Affecting ruby package, versions <2.5.8-r0

Report new vulnerabilities
low severity
Do your applications use this vulnerable package? Test your applications

Overview

Affected versions of this package are vulnerable to CVE-2020-16255 ownCloud (Core) before 10.5 allows XSS in login page 'forgot password.'

Remediation

Upgrade ruby to version or higher.

References

CVE
CVE-2020-16255
Snyk ID
SNYK-ALPINE39-RUBY-587659
Disclosed
15 Jan, 2021
Published
21 Jul, 2020