[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2013-0256":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-05T08:55:32.481Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":44,"aliases":45,"duplicate_of":9,"upstream":46,"downstream":47,"duplicates":54,"related":55,"reserved_at":9,"published_at":56,"modified_at":57,"state":58,"summary":59,"references_raw":68,"kevs":128,"epss":129,"epss_history":132,"metrics":383,"affected":388},"CVE-2013-0256","darkfish.js in RDoc 2.3.0 through 3.12 and 4.x before 4.0.0.preview2.1, as used in Ruby, does not properly generate documents, which allows remote attackers to conduct cross-site scripting (XSS) attacks via a crafted URL.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-79","Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')","The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.","weakness","Stable","Base","High",[20,24,28,32,36,40],{"id":21,"name":22,"techniques":23},"CAPEC-209","XSS Using MIME Type Mismatch",[],{"id":25,"name":26,"techniques":27},"CAPEC-588","DOM-Based XSS",[],{"id":29,"name":30,"techniques":31},"CAPEC-591","Reflected XSS",[],{"id":33,"name":34,"techniques":35},"CAPEC-592","Stored XSS",[],{"id":37,"name":38,"techniques":39},"CAPEC-63","Cross-Site Scripting (XSS)",[],{"id":41,"name":42,"techniques":43},"CAPEC-85","AJAX Footprinting",[],[],[],[],[48,50,52],{"_key":49},"DLA-235-1",{"_key":51},"RHSA-2013:0728",{"_key":53},"RHSA-2013:0701",[],[],"2013-03-01T02:00:00.000Z","2024-08-06T14:18:09.523Z","Modified",{"cisa_kev":60,"cisa_ransomware":60,"cisa_vendor":9,"epss_severity":61,"epss_score":62,"severity":63,"severity_score":64,"severity_version":65,"severity_source":66,"severity_vector":67,"severity_status":58},false,"low",0.02671,"medium",4.3,"v2.0","nvd","AV:N/AC:M/Au:N/C:N/I:P/A:N",[69,77,82,87,93,98,102,106,110,114,119,124],{"url":70,"sources":71,"tags":73},"http://rhn.redhat.com/errata/RHSA-2013-0701.html",[72,66],"cve.org",[74,75,76],"Vendor Advisory","X Refsource REDHAT","Third Party Advisory",{"url":78,"sources":79,"tags":80},"http://www.ruby-lang.org/en/news/2013/02/06/rdoc-xss-cve-2013-0256/",[72,66],[81,74],"X Refsource CONFIRM",{"url":83,"sources":84,"tags":85},"http://secunia.com/advisories/52774",[72,66],[76,86],"X Refsource SECUNIA",{"url":88,"sources":89,"tags":90},"http://lists.opensuse.org/opensuse-updates/2013-02/msg00048.html",[72,66],[74,91,92,76],"X Refsource SUSE","Mailing List",{"url":94,"sources":95,"tags":96},"http://blog.segment7.net/2013/02/06/rdoc-xss-vulnerability-cve-2013-0256-releases-3-9-5-3-12-1-4-0-0-rc-2",[72,66],[97,76],"X Refsource MISC",{"url":99,"sources":100,"tags":101},"http://rhn.redhat.com/errata/RHSA-2013-0728.html",[72,66],[74,75,76],{"url":103,"sources":104,"tags":105},"http://rhn.redhat.com/errata/RHSA-2013-0686.html",[72,66],[74,75,76],{"url":107,"sources":108,"tags":109},"https://github.com/rdoc/rdoc/commit/ffa87887ee0517793df7541629a470e331f9fe60",[72,66],[81,76],{"url":111,"sources":112,"tags":113},"http://rhn.redhat.com/errata/RHSA-2013-0548.html",[72,66],[74,75,76],{"url":115,"sources":116,"tags":117},"http://www.ubuntu.com/usn/USN-1733-1",[72,66],[74,118,76],"X Refsource UBUNTU",{"url":120,"sources":121,"tags":122},"https://bugzilla.redhat.com/show_bug.cgi?id=907820",[72,66],[97,123],"Issue Tracking",{"url":125,"sources":126,"tags":127},"http://lists.opensuse.org/opensuse-security-announce/2013-04/msg00015.html",[72,66],[74,91,92,76],[],{"date":130,"score":62,"percentile":131},"2026-06-04",0.86094,[133,137,140,143,146,149,152,155,158,161,164,167,170,172,175,178,181,184,187,189,191,193,195,198,201,203,206,209,212,215,217,220,223,226,229,232,235,238,241,244,246,249,252,254,257,260,263,266,269,272,275,278,281,283,287,289,292,295,297,300,303,306,309,311,314,316,318,320,323,325,327,330,333,336,339,341,344,347,350,352,355,358,361,364,366,368,371,374,377,380],{"date":134,"score":135,"percentile":136},"2025-11-04",0.03584,0.87244,{"date":138,"score":135,"percentile":139},"2025-11-05",0.87246,{"date":141,"score":135,"percentile":142},"2025-11-06",0.87243,{"date":144,"score":135,"percentile":145},"2025-11-07",0.87251,{"date":147,"score":135,"percentile":148},"2025-11-08",0.87255,{"date":150,"score":135,"percentile":151},"2025-11-09",0.87248,{"date":153,"score":135,"percentile":154},"2025-11-10",0.87247,{"date":156,"score":135,"percentile":157},"2025-11-11",0.87252,{"date":159,"score":135,"percentile":160},"2025-11-12",0.87258,{"date":162,"score":135,"percentile":163},"2025-11-13",0.87263,{"date":165,"score":135,"percentile":166},"2025-11-14",0.87265,{"date":168,"score":135,"percentile":169},"2025-11-15",0.8726,{"date":171,"score":135,"percentile":166},"2025-11-16",{"date":173,"score":135,"percentile":174},"2025-11-17",0.87261,{"date":176,"score":135,"percentile":177},"2025-11-18",0.86565,{"date":179,"score":135,"percentile":180},"2025-11-19",0.86566,{"date":182,"score":135,"percentile":183},"2025-11-20",0.86567,{"date":185,"score":135,"percentile":186},"2025-11-21",0.8727,{"date":188,"score":135,"percentile":166},"2025-11-22",{"date":190,"score":135,"percentile":174},"2025-11-23",{"date":192,"score":135,"percentile":163},"2025-11-24",{"date":194,"score":135,"percentile":163},"2025-11-25",{"date":196,"score":135,"percentile":197},"2025-11-26",0.87262,{"date":199,"score":135,"percentile":200},"2025-11-27",0.87264,{"date":202,"score":135,"percentile":157},"2025-11-28",{"date":204,"score":135,"percentile":205},"2025-11-29",0.87326,{"date":207,"score":135,"percentile":208},"2025-11-30",0.87325,{"date":210,"score":135,"percentile":211},"2025-12-01",0.87388,{"date":213,"score":135,"percentile":214},"2025-12-02",0.87389,{"date":216,"score":135,"percentile":211},"2025-12-03",{"date":218,"score":135,"percentile":219},"2025-12-04",0.87323,{"date":221,"score":135,"percentile":222},"2025-12-05",0.87327,{"date":224,"score":135,"percentile":225},"2025-12-06",0.87324,{"date":227,"score":135,"percentile":228},"2025-12-07",0.87318,{"date":230,"score":135,"percentile":231},"2025-12-08",0.87319,{"date":233,"score":135,"percentile":234},"2025-12-09",0.87331,{"date":236,"score":135,"percentile":237},"2025-12-10",0.87348,{"date":239,"score":135,"percentile":240},"2025-12-11",0.87353,{"date":242,"score":135,"percentile":243},"2025-12-12",0.87357,{"date":245,"score":135,"percentile":243},"2025-12-13",{"date":247,"score":135,"percentile":248},"2025-12-14",0.8735,{"date":250,"score":135,"percentile":251},"2025-12-15",0.87349,{"date":253,"score":135,"percentile":243},"2025-12-16",{"date":255,"score":135,"percentile":256},"2025-12-17",0.8736,{"date":258,"score":135,"percentile":259},"2025-12-18",0.87369,{"date":261,"score":135,"percentile":262},"2025-12-19",0.8737,{"date":264,"score":135,"percentile":265},"2025-12-20",0.87368,{"date":267,"score":135,"percentile":268},"2025-12-21",0.87373,{"date":270,"score":135,"percentile":271},"2025-12-22",0.87374,{"date":273,"score":135,"percentile":274},"2025-12-23",0.87375,{"date":276,"score":135,"percentile":277},"2025-12-24",0.87383,{"date":279,"score":135,"percentile":280},"2025-12-25",0.87395,{"date":282,"score":135,"percentile":280},"2025-12-26",{"date":284,"score":285,"percentile":286},"2025-12-27",0.02165,0.83889,{"date":288,"score":135,"percentile":277},"2025-12-28",{"date":290,"score":135,"percentile":291},"2025-12-29",0.87376,{"date":293,"score":135,"percentile":294},"2025-12-30",0.87382,{"date":296,"score":135,"percentile":280},"2025-12-31",{"date":298,"score":135,"percentile":299},"2026-01-01",0.87454,{"date":301,"score":135,"percentile":302},"2026-01-02",0.87455,{"date":304,"score":135,"percentile":305},"2026-01-03",0.87452,{"date":307,"score":135,"percentile":308},"2026-01-04",0.87386,{"date":310,"score":135,"percentile":294},"2026-01-05",{"date":312,"score":135,"percentile":313},"2026-01-06",0.87384,{"date":315,"score":135,"percentile":313},"2026-01-07",{"date":317,"score":135,"percentile":214},"2026-01-08",{"date":319,"score":135,"percentile":214},"2026-01-09",{"date":321,"score":135,"percentile":322},"2026-01-10",0.8739,{"date":324,"score":135,"percentile":313},"2026-01-11",{"date":326,"score":135,"percentile":277},"2026-01-12",{"date":328,"score":135,"percentile":329},"2026-01-13",0.8738,{"date":331,"score":135,"percentile":332},"2026-01-14",0.87393,{"date":334,"score":135,"percentile":335},"2026-01-15",0.87392,{"date":337,"score":135,"percentile":338},"2026-01-16",0.87398,{"date":340,"score":135,"percentile":338},"2026-01-17",{"date":342,"score":135,"percentile":343},"2026-01-18",0.87399,{"date":345,"score":135,"percentile":346},"2026-01-19",0.87397,{"date":348,"score":135,"percentile":349},"2026-01-20",0.87396,{"date":351,"score":135,"percentile":343},"2026-01-21",{"date":353,"score":135,"percentile":354},"2026-01-22",0.87403,{"date":356,"score":135,"percentile":357},"2026-01-23",0.87416,{"date":359,"score":135,"percentile":360},"2026-01-24",0.87423,{"date":362,"score":135,"percentile":363},"2026-01-25",0.8742,{"date":365,"score":135,"percentile":363},"2026-01-26",{"date":367,"score":135,"percentile":363},"2026-01-27",{"date":369,"score":135,"percentile":370},"2026-01-28",0.87422,{"date":372,"score":135,"percentile":373},"2026-01-29",0.87426,{"date":375,"score":135,"percentile":376},"2026-01-30",0.87429,{"date":378,"score":135,"percentile":379},"2026-01-31",0.87427,{"date":381,"score":135,"percentile":382},"2026-02-01",0.87495,[384],{"source":66,"cvss_v2_0":385,"cvss_v3_0":9,"cvss_v3_1":9,"cvss_v4_0":9},{"baseScore":64,"baseSeverity":9,"vectorString":67,"impactScore":386,"exploitabilityScore":387},2.9,8.6,[389,400,414],{"ecosystem":9,"name":390,"vendor":391,"product":392,"cpe_part":393,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":394},"ubuntu linux","canonical","ubuntu_linux","o",[395,398],{"version":396,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.04","cpe",{"version":399,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"12.10",{"ecosystem":9,"name":401,"vendor":402,"product":401,"cpe_part":403,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":404},"rdoc","ruby-lang","a",[405,412],{"version":406,"is_range":407,"range_type":397,"version_start":408,"version_start_type":409,"version_end":410,"version_end_type":411,"fixed_in":9},"gte2.3.0_lt3.12",true,"2.3.0","including","3.12","excluding",{"version":413,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0.0:preview2",{"ecosystem":9,"name":415,"vendor":402,"product":415,"cpe_part":403,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":416},"ruby",[417,419,421,423,425,427,429,431,433,435,437,439,441],{"version":418,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9",{"version":420,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.1",{"version":422,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.2",{"version":424,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3",{"version":426,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p0",{"version":428,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p125",{"version":430,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p194",{"version":432,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p286",{"version":434,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"1.9.3:p383",{"version":436,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.0",{"version":438,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.0.0",{"version":440,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.0.0:rc1",{"version":442,"is_range":60,"range_type":397,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"2.0.0:rc2"]