Количество 4
Количество 4
CVE-2017-1002201
In haml versions prior to version 5.0.0.beta.2, when using user input to perform tasks on the server, characters like < > " ' must be escaped properly. In this case, the ' character was missed. An attacker can manipulate the input to introduce additional attributes, potentially executing code.
CVE-2017-1002201
In haml versions prior to version 5.0.0.beta.2, when using user input to perform tasks on the server, characters like < > " ' must be escaped properly. In this case, the ' character was missed. An attacker can manipulate the input to introduce additional attributes, potentially executing code.
CVE-2017-1002201
In haml versions prior to version 5.0.0.beta.2, when using user input ...
GHSA-r53w-g4xm-3gc6
Haml vulnerable to cross-site scripting
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2017-1002201 In haml versions prior to version 5.0.0.beta.2, when using user input to perform tasks on the server, characters like < > " ' must be escaped properly. In this case, the ' character was missed. An attacker can manipulate the input to introduce additional attributes, potentially executing code. | CVSS3: 6.1 | 1% Низкий | больше 6 лет назад |
 | CVE-2017-1002201 In haml versions prior to version 5.0.0.beta.2, when using user input to perform tasks on the server, characters like < > " ' must be escaped properly. In this case, the ' character was missed. An attacker can manipulate the input to introduce additional attributes, potentially executing code. | CVSS3: 6.1 | 1% Низкий | больше 6 лет назад |
| CVE-2017-1002201 In haml versions prior to version 5.0.0.beta.2, when using user input ... | CVSS3: 6.1 | 1% Низкий | больше 6 лет назад |
| GHSA-r53w-g4xm-3gc6 Haml vulnerable to cross-site scripting | CVSS3: 6.1 | 1% Низкий | больше 6 лет назад |
Уязвимостей на страницу