Ruby · Sinatra · CVE-2018-11627
**Name of the Vulnerable Software and Affected Versions**
Sinatra versions prior to 2.0.2
**Description**
The issue is related to a Cross-Site Scripting (XSS) problem. It occurs on the 400 Bad Request page when there is a params parser exception.
**Recommendations**
For versions prior to 2.0.2, update to version 2.0.2 or later to resolve the issue.