CVE-2023-46951
- Source
- https://cve.org/CVERecord?id=CVE-2023-46951
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-46951.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2023-46951
- Related
- Published
- 2024-03-01T14:15:53.087Z
- Modified
- 2026-03-20T12:31:18.187641Z
- Severity
-
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS Calculator
- Summary
- [none]
- Details
-
Cross Site Scripting vulnerability in Contribsys Sidekiq v.6.5.8 allows a remote attacker to obtain sensitive information via a crafted payload to the uniquejobs function.
- References
-
- https://www.link.com
- https://www.mgm-sp.com/cve/sidekiq-unique-jobs-reflected-xss-cve-2023-46950-cve-2023-46951
- https://github.com/mhenrixon/sidekiq-unique-jobs/releases/tag/v8.0.7
- https://link.org
- https://github.com/mhenrixon/sidekiq-unique-jobs/pull/829
- https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38
Affected packages
Git / github.com/mhenrixon/sidekiq-unique-jobs
Affected ranges
- Type
- GIT
- Repo
- https://github.com/mhenrixon/sidekiq-unique-jobs
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
4.*
4.0.1
Other
list
v0.*
v0.10.0
v0.5.0
v0.5.1
v0.7.0
v0.8.0
v1.*
v1.0.0
v1.1.0
v1.1.1
v1.1.4
v1.2.0
v1.2.1
v2.*
v2.0.0
v2.0.1
v2.0.3
v2.1.0
v2.10.0
v2.11.0
v2.11.1
v2.11.2
v2.12.0
v2.12.1
v2.12.3
v2.12.4
v2.13.0
v2.13.1
v2.14.0
v2.14.1
v2.15.2
v2.16.1
v2.17.0
v2.17.1
v2.17.2
v2.17.4
v2.17.7
v2.2.0
v2.2.1
v2.3.2
v2.3.3
v2.4.0
v2.5.0
v2.5.2
v2.5.3
v2.6.0
v2.6.1
v2.6.2
v2.6.3
v2.6.4
v2.6.5
v2.7.0
v2.7.1
v2.7.2
v2.7.3
v2.7.4
v2.7.5
v2.8.0
v3.*
v3.0.0
v3.0.1
v3.0.10
v3.0.11
v3.0.2
v3.0.3
v3.0.9
v3.1.1
v3.1.2
v3.1.3
v3.1.4
v3.2.0
v3.2.1
v3.2.2
v3.2.3
v3.2.4
v3.2.5
v3.2.6
v3.3.0
v3.3.1
v3.3.2
v3.3.3
v3.3.4
v3.4.0
v3.4.1
v3.4.2
v3.5.0
v3.5.1
v3.5.2
v3.5.3
v3.5.4
v4.*
v4.0.0
v4.0.0.pre1
v4.0.0.pre2
v4.0.1
v4.0.10
v4.0.11
v4.0.12
v4.0.13
v4.0.15
v4.0.16
v4.0.17
v4.0.18
v4.0.2
v4.0.3
v4.0.4
v4.0.5
v4.0.6
v4.0.7
v4.0.8
v4.0.9
v4.1.0
v4.1.1
v4.1.2
v4.1.3
v4.1.4
v4.2.0
v4.2.1
v4.2.10
v4.2.2
v4.2.3
v4.2.4
v4.2.5
v4.2.6
v4.2.7
v4.2.8
v4.2.9
v5.*
v5.0.0
v5.0.0.beta1
v5.0.0.beta2
v5.0.0.beta3
v5.0.0.rc1
v5.0.1
v5.0.10
v5.0.2
v5.0.3
v5.0.4
v5.0.5
v5.0.6
v5.0.7
v5.0.8
v5.0.9
v5.1.0
v5.1.1
v5.1.2
v5.1.3
v5.2.0
v5.2.1
v5.2.2
v5.2.3
v5.2.4
v5.2.5
v5.2.6
v5.2.7
v6.*
v6.0.0
v6.0.0.beta1
v6.0.0.beta2
v6.0.0.pre1
v6.0.0.rc1
v6.0.0.rc2
v6.0.0.rc3
v6.0.0.rc4
v6.0.0.rc5
v6.0.0.rc6
v6.0.0.rc7
v6.0.0.rc8
v6.0.1
v6.0.10
v6.0.11
v6.0.12
v6.0.13
v6.0.2
v6.0.3
v6.0.4
v6.0.5
v6.0.6
v6.0.7
v6.0.8
v6.0.9
v6.1.0
v6.1.1
v6.1.2
v6.1.3
v6.2.0
v6.2.1
v6.2.2
v6.3.0
v6.3.1
v6.4.0
v6.4.1
v6.4.2
v6.5.0
v6.5.1
v6.5.2
v6.5.3
v6.5.4
v6.5.5
v6.5.6
v6.5.7
v6.5.8
v7.*
v7.0.0
v7.0.0.beta1
v7.0.0.beta10
v7.0.0.beta11
v7.0.0.beta12
v7.0.0.beta13
v7.0.0.beta14
v7.0.0.beta15
v7.0.0.beta16
v7.0.0.beta17
v7.0.0.beta18
v7.0.0.beta19
v7.0.0.beta2
v7.0.0.beta20
v7.0.0.beta21
v7.0.0.beta22
v7.0.0.beta23
v7.0.0.beta24
v7.0.0.beta25
v7.0.0.beta26
v7.0.0.beta27
v7.0.0.beta28
v7.0.0.beta29
v7.0.0.beta3
v7.0.0.beta4
v7.0.0.beta5
v7.0.0.beta6
v7.0.0.beta7
v7.0.0.beta8
v7.0.0.beta9
v7.0.1
v7.0.10
v7.0.11
v7.0.12
v7.0.2
v7.0.3
v7.0.4
v7.0.5
v7.0.6
v7.0.7
v7.0.8
v7.0.9
v7.1.0
v7.1.1
v7.1.10
v7.1.11
v7.1.12
v7.1.13
v7.1.14
v7.1.15
v7.1.16
v7.1.18
v7.1.19
v7.1.2
v7.1.20
v7.1.21
v7.1.22
v7.1.23
v7.1.24
v7.1.25
v7.1.26
v7.1.27
v7.1.28
v7.1.29
v7.1.3
v7.1.4
v7.1.5
v7.1.6
v7.1.7
v7.1.8
v8.*
v8.0.0
v8.0.1
v8.0.2
v8.0.3
v8.0.4
v8.0.5
v8.0.6