Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-7580

Опубликовано: 16 фев. 2016
Источник: debian

Описание

Cross-site scripting (XSS) vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
ruby-rails-html-sanitizerfixed1.0.3-1package

Связанные уязвимости

ubuntu логотип

CVE-2015-7580

CVSS3: 6.1
ubuntu
почти 10 лет назад

Cross-site scripting (XSS) vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node.

nvd логотип

CVE-2015-7580

CVSS3: 6.1
nvd
почти 10 лет назад

Cross-site scripting (XSS) vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node.

github логотип

GHSA-ghqm-pgxj-37gq

CVSS3: 6.1
github
больше 8 лет назад

rails-html-sanitizer Cross-site Scripting vulnerability

suse-cvrf логотип

openSUSE-SU-2016:0356-1

suse-cvrf
около 10 лет назад

Security update for rubygem-rails-html-sanitizer

suse-cvrf логотип

SUSE-SU-2016:1146-1

suse-cvrf
почти 10 лет назад

Security update for portus