CVE-2011-4319

Опубликовано: 28 нояб. 2011

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 4.3

Описание

Cross-site scripting (XSS) vulnerability in the i18n translations helper method in Ruby on Rails 3.0.x before 3.0.11 and 3.1.x before 3.1.2, and the rails_xss plugin in Ruby on Rails 2.3.x, allows remote attackers to inject arbitrary web script or HTML via vectors related to a translations string whose name ends with an "html" substring.

Релиз	Статус	Примечание
devel	not-affected	contains no code
esm-apps/xenial	not-affected	contains no code
esm-infra-legacy/trusty	DNE	trusty/esm was DNE [trusty was not-affected [contains no code]]
hardy	ignored	end of life
lucid	ignored	end of life
maverick	ignored	end of life
natty	ignored	end of life
oneiric	not-affected	contains no code
precise	not-affected	contains no code
precise/esm	DNE	precise was not-affected [contains no code]

Показывать по

Релиз	Статус	Примечание
devel	DNE
esm-infra-legacy/trusty	DNE
hardy	DNE
lucid	DNE
maverick	DNE
natty	DNE
oneiric	ignored	end of life
precise	ignored	end of life
precise/esm	DNE	precise was needs-triage
quantal	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 69%

0.00607

Низкий

4.3 Medium

CVSS2

Связанные уязвимости

CVE-2011-4319

redhat

больше 13 лет назад

CVE-2011-4319

nvd

больше 13 лет назад

CVE-2011-4319

debian

больше 13 лет назад

Cross-site scripting (XSS) vulnerability in the i18n translations help ...

GHSA-xxr8-833v-c7wc

github

больше 7 лет назад

Cross-site Scripting vulnerability in i18n translations helper method

EPSS

Процентиль: 69%

0.00607

Низкий

4.3 Medium

CVSS2

CVE-2011-4319

Описание

Пакет rails

Пакет ruby-actionpack-2.3

Ссылки на источники

Связанные уязвимости