logo
DATABASE RESOURCES PRICING ABOUT US

Possible XSS Vulnerability

Description

There is a possible XSS vulnerability in Action View. Text declared as "HTML safe" will not have quotes escaped when used as attribute values in tag helpers.


Affected Software


CPE Name Name Version
gem/actionview 4.0.0.alpha
gem/actionview 4.2.7.1
gem/actionview 5.0.0.alpha
gem/actionview 5.0.0.1

Related