The Show In Browser (show_in_browser) gem 0.0.3 for Ruby allows local users to inject arbitrary web script or HTML via a symlink attack on /tmp/browser.html.
CVSS 2.0
Severity: LOW
Problem Type: CWE-59,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| jonathan_leung | show_in_browser | 0.0.3 |