Lucene search

actionpack Cross-site Scripting vulnerability

🗓️ 24 Oct 2017 18:38:33Reported by GitHub Advisory DatabaseType

Actionpack XSS Vulnerability in Ruby on Rail

Reporter	Title	Published	Views	Family All 61
Cvelist	CVE-2011-2931	29 Aug 201118:00	–	cvelist
CVE	CVE-2011-2931	29 Aug 201118:55	–	cve
UbuntuCve	CVE-2011-2931	29 Aug 201100:00	–	ubuntucve
Prion	Cross site scripting	29 Aug 201118:55	–	prion
Debian CVE	CVE-2011-2931	29 Aug 201118:55	–	debiancve
GitLab Advisory Database	Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')	24 Oct 201700:00	–	gitlab
OSV	actionpack Cross-site Scripting vulnerability	24 Oct 201718:33	–	osv
OSV	rails - several	23 Jan 201200:00	–	osv
OSV	rails - several	23 Jan 201200:00	–	osv
NVD	CVE-2011-2931	29 Aug 201118:55	–	nvd

Vulners

Node

actionpack_project actionpackRange3.0.0–3.0.10

actionpack_project actionpackRange2.0.0–2.3.13

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2011-2931
github	www.github.com/rails/rails/commit/586a944ddd4d03e66dea1093306147594748037a
bugzilla	www.bugzilla.redhat.com/show_bug.cgi
github	www.github.com/advisories/GHSA-v5jg-558j-q67c
groups	www.groups.google.com/group/rubyonrails-security/msg/fd41ab62966e0fd1
lists	www.lists.fedoraproject.org/pipermail/package-announce/2011-September/065109.html
lists	www.lists.fedoraproject.org/pipermail/package-announce/2011-September/065137.html
lists	www.lists.fedoraproject.org/pipermail/package-announce/2011-September/065212.html
weblog	www.weblog.rubyonrails.org/2011/8/16/ann-rails-3-1-0-rc6
debian	www.debian.org/security/2011/dsa-2301

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Oct 2017 18:33Current

5.5Medium risk

Vulners AI Score5.5

CVSS24.3

EPSS0.00813

CWE-79