Lucene search

K
cvelistRedhatCVELIST:CVE-2015-7580
HistoryFeb 16, 2016 - 2:00 a.m.

CVE-2015-7580

2016-02-1602:00:00
redhat
www.cve.org

5.5 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.6%

Cross-site scripting (XSS) vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node.

5.5 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

65.6%