Lucene search

K

CVE-2022-23515 Improper neutralization of data URIs may allow XSS in Loofah

🗓️ 14 Dec 2022 13:02:23Reported by GitHub_MType 
cvelist
 cvelist
🔗 www.cve.org👁 14 Views

CVE-2022-23515 Loofah XSS vulnerability patched in v2.19.

Show more
Related
Affected
Refs
ReporterTitlePublishedViews
Family
Hacker One
Internet Bug Bounty: Rails ActionView sanitize helper bypass leading to XSS using SVG tag.
14 Dec 202220:50
hackerone
Hacker One
Ruby on Rails: ActionView sanitize helper bypass leading to XSS using SVG tag.
7 Sep 202221:38
hackerone
Prion
Cross site scripting
14 Dec 202214:15
prion
UbuntuCve
CVE-2022-23515
14 Dec 202200:00
ubuntucve
Veracode
Cross-Site Scripting (XSS)
14 Dec 202204:47
veracode
OSV
CVE-2022-23515
14 Dec 202214:15
osv
OSV
Improper neutralization of data URIs may allow XSS in Loofah
13 Dec 202217:39
osv
OSV
ruby-loofah - security update
13 Sep 202300:00
osv
OSV
ruby3.1-rubygem-loofah-2.19.1-1.1 on GA media
15 Jun 202400:00
osv
OSV
ruby-loofah - security update
28 Sep 202400:00
osv
Rows per page
[
  {
    "vendor": "flavorjones",
    "product": "loofah",
    "versions": [
      {
        "version": ">= 2.1.0, < 2.19.1",
        "status": "affected"
      }
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
14 Dec 2022 13:23Current
6.2Medium risk
Vulners AI Score6.2
CVSS36.1
EPSS0.002
14
.json
Report