Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2013-6415

Опубликовано: 07 дек. 2013
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 4.3

Описание

Cross-site scripting (XSS) vulnerability in the number_to_currency helper in actionpack/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the unit parameter.

РелизСтатусПримечание
artful

not-affected

contains no code
bionic

not-affected

contains no code
cosmic

not-affected

contains no code
devel

not-affected

contains no code
disco

not-affected

contains no code
esm-apps/bionic

not-affected

contains no code
esm-apps/xenial

not-affected

contains no code
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [contains no code]]
lucid

ignored

end of life
precise

not-affected

contains no code

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

ignored

end of life
precise/esm

DNE

precise was needed
quantal

ignored

end of life

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [3.2.16-3]]
lucid

DNE

precise

DNE

precise/esm

DNE

quantal

ignored

end of life

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

not-affected

precise/esm

DNE

precise was not-affected
quantal

not-affected

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected]
lucid

DNE

precise

DNE

precise/esm

DNE

quantal

not-affected

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

not-affected

precise/esm

DNE

precise was not-affected
quantal

not-affected

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected]
lucid

DNE

precise

DNE

precise/esm

DNE

quantal

not-affected

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

lucid

DNE

precise

not-affected

precise/esm

DNE

precise was not-affected
quantal

not-affected

Показывать по

РелизСтатусПримечание
artful

DNE

bionic

DNE

cosmic

DNE

devel

DNE

disco

DNE

esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was needed]
lucid

DNE

precise

DNE

precise/esm

DNE

quantal

ignored

end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 81%
0.01506
Низкий

4.3 Medium

CVSS2

Связанные уязвимости

redhat логотип

CVE-2013-6415

redhat
около 12 лет назад

Cross-site scripting (XSS) vulnerability in the number_to_currency helper in actionpack/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the unit parameter.

nvd логотип

CVE-2013-6415

nvd
около 12 лет назад

Cross-site scripting (XSS) vulnerability in the number_to_currency helper in actionpack/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the unit parameter.

debian логотип

CVE-2013-6415

debian
около 12 лет назад

Cross-site scripting (XSS) vulnerability in the number_to_currency hel ...

github логотип

GHSA-6h5q-96hp-9jgm

github
больше 8 лет назад

actionpack vulnerable to Cross-site Scripting

EPSS

Процентиль: 81%
0.01506
Низкий

4.3 Medium

CVSS2