Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
githubGitHub Advisory DatabaseGHSA-4G8V-VG43-WPGF
HistoryJun 29, 2023 - 3:03 p.m.

Actionpack has possible cross-site scripting vulnerability via User Supplied Values to redirect_to

2023-06-2915:03:16
GitHub Advisory Database
github.com
11
actionpack
cross-site-scripting
versions affected
fixed versions
impact
releases
workarounds
http header
JSON

The redirect_to method in Rails allows provided values to contain characters which are not legal in an HTTP header value. This results in the potential for downstream services which enforce RFC compliance on HTTP response headers to remove the assigned Location header. This vulnerability has been assigned the CVE identifier CVE-2023-28362.

Versions Affected: All. Not affected: None Fixed Versions: 7.0.5.1, 6.1.7.4

Impact

This introduces the potential for a Cross-site-scripting (XSS) payload to be delivered on the now static redirection page. Note that this both requires user interaction and for a Rails app to be configured to allow redirects to external hosts (defaults to false in Rails >= 7.0.x).

Releases

The FIXED releases are available at the normal locations.

Workarounds

Avoid providing user supplied URLs with arbitrary schemes to the redirect_to method.

Affected configurations

Vulners
Node
actionpack_projectactionpackRange7.0.07.0.5.1ruby
OR
actionpack_projectactionpackRange<6.1.7.4ruby
VendorProductVersionCPE
actionpack_projectactionpack*cpe:2.3:a:actionpack_project:actionpack:*:*:*:*:*:ruby:*:*

Related

ubuntucve 1
osv 1
hackerone 1
cve 1
ibm 2
debiancve 1
rubygems 1
veracode 1
nessus 2
redhatcve 1
openvas 1
redhat 1
ubuntucve
ubuntucve
CVE-2023-28362
2023-07-17 00:00:00
osv
osv
Actionpack has possible cross-site scripting vulnerability via User Supplied Values to redirect_to
2023-06-29 15:03:16
hackerone
hackerone
Ruby on Rails: Incorrect handling of certain characters passed to the redirection functionality in Rails can lead to a single-click XSS vulnerability.
2023-04-20 01:32:01
cve
cve
CVE-2023-28362
2023-07-14 16:32:27
ibm
ibm
Security Bulletin: A vulnerability in Ruby on Rails affects IBM License Metric Tool v9 (CVE-2023-28362) and could allow cross-site scripting.
2023-09-22 08:32:45
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps
2023-07-27 09:18:06
debiancve
debiancve
CVE-2023-28362
2023-07-14 16:32:27
rubygems
rubygems
Possible XSS via User Supplied Values to redirect_to
2023-06-25 21:00:00
veracode
veracode
Cross-site Scripting (XSS)
2023-07-03 09:16:23
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : rubygem-actionpack-5_1 (SUSE-SU-2023:3229-1)
2023-08-09 00:00:00
RHEL 8 : Satellite 6.14.1 Async Security Update (Moderate) (RHSA-2023:7851)
2024-04-28 00:00:00
redhatcve
redhatcve
CVE-2023-28362
2023-07-13 16:35:45
openvas
openvas
openSUSE: Security Advisory for rubygem (SUSE-SU-2023:3229-1)
2024-03-04 00:00:00
redhat
redhat
(RHSA-2023:7851) Moderate: Satellite 6.14.1 Async Security Update
2023-12-14 16:20:36
JSON
Related for GHSA-4G8V-VG43-WPGF
ubuntucve1osv1hackerone1cve1ibm2debiancve1rubygems1veracode1nessus2redhatcve1openvas1redhat1