Описание
Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before 2.2.3, and 2.3.x before 2.3.4, allows remote attackers to inject arbitrary web script or HTML by placing malformed Unicode strings into a form helper.
Дополнительная информация
Статус:
Moderate
Дефект:
CWE-79
https://bugzilla.redhat.com/show_bug.cgi?id=520843ruby-activesupport: XSS vulnerability
EPSS
Процентиль: 81%
0.01632
Низкий
Связанные уязвимости
ubuntu
больше 16 лет назад
Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before 2.2.3, and 2.3.x before 2.3.4, allows remote attackers to inject arbitrary web script or HTML by placing malformed Unicode strings into a form helper.
nvd
больше 16 лет назад
Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before 2.2.3, and 2.3.x before 2.3.4, allows remote attackers to inject arbitrary web script or HTML by placing malformed Unicode strings into a form helper.
debian
больше 16 лет назад
Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before 2 ...
EPSS
Процентиль: 81%
0.01632
Низкий