Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistJpcertCVELIST:CVE-2015-2963
HistoryJul 10, 2015 - 5:00 p.m.

CVE-2015-2963

2015-07-1017:00:00
jpcert
www.cve.org

8.5 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.6%

JSON

The thoughtbot paperclip gem before 4.2.2 for Ruby does not consider the content-type value during media-type validation, which allows remote attackers to upload HTML documents and conduct cross-site scripting (XSS) attacks via a spoofed value, as demonstrated by image/jpeg.

Related

osv 1
freebsd 1
prion 1
nvd 1
cve 1
jvn 1
nessus 1
github 1
rosalinux 1
osv
osv
paperclip Cross-site Scripting vulnerability
2017-10-24 18:33:36
freebsd
freebsd
rubygem-paperclip -- validation bypass vulnerability
2015-06-05 00:00:00
prion
prion
Cross site scripting
2015-07-10 17:59:00
nvd
nvd
CVE-2015-2963
2015-07-10 17:59:00
cve
cve
CVE-2015-2963
2015-07-10 17:59:00
jvn
jvn
JVN#83881261: Ruby on Rails library Paperclip vulnerable to cross-site scripting
2015-06-18 00:00:00
nessus
nessus
FreeBSD : rubygem-paperclip -- validation bypass vulnerability (0f154810-16e4-11e5-a1cf-002590263bf5)
2015-06-23 00:00:00
github
github
paperclip Cross-site Scripting vulnerability
2017-10-24 18:33:36
rosalinux
rosalinux
Advisory ROSA-SA-2021-1966
2021-07-02 18:06:34

8.5 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

74.6%

JSON
Related for CVELIST:CVE-2015-2963
osv1freebsd1prion1nvd1cve1jvn1nessus1github1rosalinux1