CVE-2023-50725 (resque): Resque vulnerable to reflected XSS in resque-web failed and queues lists

Ruby Security Advisory

### Impact

The following paths in resque-web have been found to be
vulnerable to reflected XSS:

“`
/failed/?class=
/queues/>
“`

### Patches

v2.2.1

### Workarounds

No known workarounds at this time. It is recommended to not click
on 3rd party or untrusted links to the resque-web interface until
you have patched your application.

### References

https://github.com/resque/resque/pull/1790

READ MORE