Lucene search
GitHub_MCVELIST:CVE-2022-23515HistoryDec 14, 2022 - 1:23 p.m.
CVE-2022-23515 Improper neutralization of data URIs may allow XSS in Loofah
2022-12-1413:23:02
CWE-79
GitHub_M
raw.githubusercontent.com
1
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.1.0, < 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs. This issue is patched in version 2.19.1.
Related
hackerone
hackerone
prion
prion
Cross site scripting
2022-12-14 14:15:00
ubuntucve
ubuntucve
CVE-2022-23515
2022-12-14 00:00:00
osv
osv
CVE-2022-23515
2022-12-14 14:15:10
Improper neutralization of data URIs may allow XSS in Loofah
2022-12-13 17:39:36
ruby-loofah - security update
2023-09-13 00:00:00
redhatcve
redhatcve
CVE-2022-23515
2022-12-14 11:35:22
veracode
veracode
Cross-Site Scripting (XSS)
2022-12-14 04:47:44
cve
cve
CVE-2022-23515
2022-12-14 14:15:00
debiancve
debiancve
CVE-2022-23515
2022-12-14 14:15:00
github
github
Improper neutralization of data URIs may allow XSS in Loofah
2022-12-13 17:39:36
nessus
nessus
Fedora 40 : rubygem-loofah (2023-1bbea3700b)
2024-04-29 00:00:00
Debian DLA-3565-1 : ruby-loofah - LTS security update
2023-09-14 00:00:00
debian
debian
[SECURITY] [DLA 3565-1] ruby-loofah security update
2023-09-13 15:09:33
openvas
openvas
Debian: Security Advisory (DLA-3565-1)
2023-09-14 00:00:00
rocky
rocky
Satellite 6.13 Release
2023-05-05 15:39:58
redhat
redhat
(RHSA-2023:2097) Important: Satellite 6.13 Release
2023-05-03 13:09:51