Описание
A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| ruby-sanitize | fixed | 4.6.5-1 | experimental | package |
| ruby-sanitize | fixed | 4.6.6-1 | package | |
| ruby-sanitize | ignored | jessie | package |
Примечания
https://github.com/rgrove/sanitize/issues/176
https://github.com/rgrove/sanitize/commit/01629a162e448a83d901456d0ba8b65f3b03d46e (v4.6.3)
Fixes for 2.1.x: https://github.com/rgrove/sanitize/compare/v2.1.0...v2.1.1
Only an issue in combination with libxml2 >= 2.9.2
The 'fragment' method was renamed from 'clean' method in earlier version
in v3.0.0
Связанные уязвимости
A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element.
A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element.
Sanitize vulnerable to Improper Input Validation and Cross-site Scripting
Уязвимость библиотеки Sanitize для языка программирования Ruby, позволяющая нарушителю обойти заданные ограничения на использование HTML атрибутов