Lucene search
HackeroneCVELIST:CVE-2018-3740HistoryMar 30, 2018 - 7:00 p.m.
CVE-2018-3740
2018-03-3019:00:00
CWE-79
hackerone
www.cve.org
A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element.
CNA Affected
[
{
"product": "sanitize (ruby gem)",
"vendor": "Ryan Grove",
"versions": [
{
"status": "affected",
"version": "< 4.6.3"
}
]
}
]Related
openvas
openvas
Debian: Security Advisory (DSA-4358-1)
2018-12-26 00:00:00
osv
osv
ruby-sanitize - security update
2018-12-27 00:00:00
Sanitize vulnerable to Improper Input Validation and Cross-site Scripting
2018-03-21 11:56:32
CVE-2018-3740
2018-03-30 19:29:00
prion
prion
Hardcoded credentials
2018-03-30 19:29:00
freebsd
freebsd
Sanitize -- XSS vulnerability
2018-03-19 00:00:00
Gitlab -- multiple vulnerabilities
2018-06-25 00:00:00
debian
debian
[SECURITY] [DSA 4358-1] ruby-sanitize security update
2018-12-27 12:31:26
[SECURITY] [DSA 4358-1] ruby-sanitize security update
2018-12-27 12:31:26
nvd
nvd
CVE-2018-3740
2018-03-30 19:29:00
github
github
Sanitize vulnerable to Improper Input Validation and Cross-site Scripting
2018-03-21 11:56:32
nessus
nessus
Debian DSA-4358-1 : ruby-sanitize - security update
2018-12-28 00:00:00
cve
cve
CVE-2018-3740
2018-03-30 19:29:00
ubuntucve
ubuntucve
CVE-2018-3740
2018-03-30 00:00:00
debiancve
debiancve
CVE-2018-3740
2018-03-30 19:29:00
veracode
veracode
Cross-site Scripting (XSS)
2018-03-20 06:00:15
archlinux
archlinux
[ASA-201807-1] gitlab: multiple issues
2018-07-04 00:00:00
rubygems
rubygems
Revert libxml2 behavior in Nokogiri gem that could cause XSS
2018-03-28 21:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1966
2021-07-02 18:06:34