exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 6

CVE-2023-23913

около 1 года назад

There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML content from the clipboard that includes a data-method, data-remote or data-disable-with attribute.

CVSS3: 6.3

EPSS: Низкий

CVE-2023-23913

почти 3 года назад

There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML content from the clipboard that includes a data-method, data-remote or data-disable-with attribute.

CVSS3: 7.5

EPSS: Низкий

CVE-2023-23913

около 1 года назад

There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML content from the clipboard that includes a data-method, data-remote or data-disable-with attribute.

CVSS3: 6.3

EPSS: Низкий

CVE-2023-23913

около 1 года назад

There is a potential DOM based cross-site scripting issue in rails-ujs ...

CVSS3: 6.3

EPSS: Низкий

SUSE-SU-2023:3813-1

больше 2 лет назад

Security update for rubygem-actionview-5_1

EPSS: Низкий

GHSA-xp5h-f8jf-rc8q

больше 2 лет назад

rails-ujs vulnerable to DOM Based Cross-site Scripting contenteditable HTML Elements

CVSS3: 6.3

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2023-23913 There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML content from the clipboard that includes a data-method, data-remote or data-disable-with attribute.	CVSS3: 6.3	0% Низкий	около 1 года назад
CVE-2023-23913 There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML content from the clipboard that includes a data-method, data-remote or data-disable-with attribute.	CVSS3: 7.5	0% Низкий	почти 3 года назад
CVE-2023-23913 There is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML content from the clipboard that includes a data-method, data-remote or data-disable-with attribute.	CVSS3: 6.3	0% Низкий	около 1 года назад
CVE-2023-23913 There is a potential DOM based cross-site scripting issue in rails-ujs ...	CVSS3: 6.3	0% Низкий	около 1 года назад
SUSE-SU-2023:3813-1 Security update for rubygem-actionview-5_1		0% Низкий	больше 2 лет назад
GHSA-xp5h-f8jf-rc8q rails-ujs vulnerable to DOM Based Cross-site Scripting contenteditable HTML Elements	CVSS3: 6.3	0% Низкий	больше 2 лет назад

Уязвимостей на страницу