exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2015-1840

больше 10 лет назад

jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value.

CVSS2: 5

EPSS: Низкий

CVE-2015-1840

больше 10 лет назад

jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value.

CVSS2: 4.3

EPSS: Низкий

CVE-2015-1840

больше 10 лет назад

jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value.

CVSS2: 5

EPSS: Низкий

CVE-2015-1840

больше 10 лет назад

jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and ra ...

CVSS2: 5

EPSS: Низкий

GHSA-4whc-pp4x-9pf3

больше 8 лет назад

jquery-rails and jquery-ujs subject to Exposure of Sensitive Information

EPSS: Низкий

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2015-1840 jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value.	CVSS2: 5	0% Низкий	больше 10 лет назад
CVE-2015-1840 jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value.	CVSS2: 4.3	0% Низкий	больше 10 лет назад
CVE-2015-1840 jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value.	CVSS2: 5	0% Низкий	больше 10 лет назад
CVE-2015-1840 jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and ra ...	CVSS2: 5	0% Низкий	больше 10 лет назад
GHSA-4whc-pp4x-9pf3 jquery-rails and jquery-ujs subject to Exposure of Sensitive Information		0% Низкий	больше 8 лет назад

Уязвимостей на страницу