CVE-2017-20159 – rf Keynote rumble.rb cross site scripting

https://notcve.org/view.php?id=CVE-2017-20159

31 Dec 2022 — A vulnerability was found in rf Keynote up to 0.x on Rails. It has been rated as problematic. Affected by this issue is some unknown functionality of the file lib/keynote/rumble.rb. The manipulation of the argument value leads to cross site scripting. The attack may be launched remotely. • https://github.com/rf-/keynote/commit/05be4356b0a6ca7de48da926a9b997beb5ffeb4a • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •