{"id":"CVE-2023-46950","details":"Cross Site Scripting vulnerability in Contribsys Sidekiq v.6.5.8 allows a remote attacker to obtain sensitive information via a crafted URL to the filter functions.","aliases":["GHSA-fhx8-5c23-x7x5"],"modified":"2026-04-09T09:47:25.734716Z","published":"2024-03-01T14:15:53.030Z","related":["GHSA-cmh9-rx85-xj38"],"references":[{"type":"WEB","url":"https://www.link.com"},{"type":"ADVISORY","url":"https://github.com/mhenrixon/sidekiq-unique-jobs/releases/tag/v8.0.7"},{"type":"ADVISORY","url":"https://www.mgm-sp.com/cve/sidekiq-unique-jobs-reflected-xss-cve-2023-46950-cve-2023-46951"},{"type":"REPORT","url":"https://github.com/mhenrixon/sidekiq-unique-jobs/pull/829"},{"type":"REPORT","url":"https://link.org"},{"type":"EVIDENCE","url":"https://github.com/mhenrixon/sidekiq-unique-jobs/security/advisories/GHSA-cmh9-rx85-xj38"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mhenrixon/sidekiq-unique-jobs","events":[{"introduced":"0"},{"fixed":"ce1e57ec4c6c4c4a709a26882a820e5fc7b6e498"}]},{"type":"GIT","repo":"https://github.com/mperham/sidekiq","events":[{"introduced":"0"},{"last_affected":"ad0f13cac5138b891d54ef2f2df3460d5151e34c"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"6.5.8"}]}}],"versions":["4.0.1","list","v0.10.0","v0.5.0","v0.5.1","v0.7.0","v0.8.0","v1.0.0","v1.1.0","v1.1.1","v1.1.4","v1.2.0","v1.2.1","v2.0.0","v2.0.1","v2.0.3","v2.1.0","v2.10.0","v2.11.0","v2.11.1","v2.11.2","v2.12.0","v2.12.1","v2.12.3","v2.12.4","v2.13.0","v2.13.1","v2.14.0","v2.14.1","v2.15.2","v2.16.1","v2.17.0","v2.17.1","v2.17.2","v2.17.4","v2.17.7","v2.2.0","v2.2.1","v2.3.2","v2.3.3","v2.4.0","v2.5.0","v2.5.2","v2.5.3","v2.6.0","v2.6.1","v2.6.2","v2.6.3","v2.6.4","v2.6.5","v2.7.0","v2.7.1","v2.7.2","v2.7.3","v2.7.4","v2.7.5","v2.8.0","v3.0.0","v3.0.1","v3.0.10","v3.0.11","v3.0.2","v3.0.3","v3.0.9","v3.1.1","v3.1.2","v3.1.3","v3.1.4","v3.2.0","v3.2.1","v3.2.2","v3.2.3","v3.2.4","v3.2.5","v3.2.6","v3.3.0","v3.3.1","v3.3.2","v3.3.3","v3.3.4","v3.4.0","v3.4.1","v3.5.0","v4.0.0","v4.0.0.pre1","v4.0.0.pre2","v4.0.1","v4.0.10","v4.0.11","v4.0.12","v4.0.13","v4.0.15","v4.0.16","v4.0.17","v4.0.18","v4.0.2","v4.0.3","v4.0.4","v4.0.5","v4.0.6","v4.0.7","v4.0.8","v4.0.9","v4.1.0","v4.1.1","v4.1.2","v4.1.3","v4.1.4","v4.2.0","v4.2.1","v4.2.2","v4.2.3","v4.2.4","v4.2.5","v4.2.6","v4.2.7","v5.0.0","v5.0.0.beta1","v5.0.0.beta2","v5.0.0.beta3","v5.0.0.rc1","v5.0.1","v5.0.10","v5.0.2","v5.0.3","v5.0.4","v5.0.5","v5.0.6","v5.0.7","v5.0.8","v5.0.9","v5.1.0","v5.1.1","v5.1.2","v5.1.3","v5.2.0","v5.2.1","v5.2.2","v5.2.3","v5.2.4","v5.2.5","v5.2.6","v5.2.7","v6.0.0","v6.0.0.beta1","v6.0.0.beta2","v6.0.0.pre1","v6.0.0.rc1","v6.0.0.rc2","v6.0.0.rc3","v6.0.0.rc4","v6.0.0.rc5","v6.0.0.rc6","v6.0.0.rc7","v6.0.0.rc8","v6.0.1","v6.0.10","v6.0.11","v6.0.12","v6.0.13","v6.0.2","v6.0.3","v6.0.4","v6.0.5","v6.0.6","v6.0.7","v6.0.8","v6.0.9","v6.1.0","v6.1.1","v6.1.2","v6.1.3","v6.2.0","v6.2.1","v6.2.2","v6.3.0","v6.3.1","v6.4.0","v6.4.1","v6.4.2","v6.5.1","v6.5.2","v6.5.3","v6.5.4","v6.5.5","v6.5.6","v6.5.7","v6.5.8","v7.0.0","v7.0.0.beta1","v7.0.0.beta10","v7.0.0.beta11","v7.0.0.beta12","v7.0.0.beta13","v7.0.0.beta14","v7.0.0.beta15","v7.0.0.beta16","v7.0.0.beta17","v7.0.0.beta18","v7.0.0.beta19","v7.0.0.beta2","v7.0.0.beta20","v7.0.0.beta21","v7.0.0.beta22","v7.0.0.beta23","v7.0.0.beta24","v7.0.0.beta25","v7.0.0.beta26","v7.0.0.beta27","v7.0.0.beta28","v7.0.0.beta29","v7.0.0.beta3","v7.0.0.beta4","v7.0.0.beta5","v7.0.0.beta7","v7.0.0.beta8","v7.0.0.beta9","v7.0.1","v7.0.10","v7.0.11","v7.0.12","v7.0.2","v7.0.3","v7.0.4","v7.0.5","v7.0.6","v7.0.7","v7.0.8","v7.0.9","v7.1.0","v7.1.1","v7.1.10","v7.1.11","v7.1.12","v7.1.13","v7.1.14","v7.1.15","v7.1.16","v7.1.18","v7.1.19","v7.1.2","v7.1.20","v7.1.21","v7.1.22","v7.1.23","v7.1.24","v7.1.25","v7.1.26","v7.1.27","v7.1.28","v7.1.29","v7.1.3","v7.1.4","v7.1.5","v7.1.6","v7.1.7","v7.1.8","v8.0.0","v8.0.1","v8.0.2","v8.0.3","v8.0.4","v8.0.5","v8.0.6"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2023-46950.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}]}