Lucene search

Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-5FD0ABE36E2EEE52D6830B6D79C4317D

HistoryNov 28, 2011 - 12:00 a.m.

Translate helper method which may allow an attacker to insert arbitrary code into a page

2011-11-2800:00:00

https://gitlab.com/gitlab-org/security-products/gemnasium-db

gitlab.com

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

69.0%

JSON

The helper method for i18n translations has a convention whereby translations strings with a name ending in ‘html’ are considered HTML safe. There is also a mechanism for interpolation. It has been discovered that these ‘html’ strings allow arbitrary values to be contained in the interpolated input, and these values are not escaped.

CPENameOperatorVersion
gem/actionpackge3.0.0.alpha0
gem/actionpacklt3.0.11
gem/actionpackge3.1.0.alpha0
gem/actionpacklt3.1.2

Name	Operator	Version
gem/actionpack	ge	3.0.0.alpha0
gem/actionpack	lt	3.0.11
gem/actionpack	ge	3.1.0.alpha0
gem/actionpack	lt	3.1.2

References

github.com/rails/rails/commit/ba2d85012088fd0db0fab98b2e512c77c83cbade#diff-79e8a3e6d1d2808c4f93f63b3928a5a1

github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/OSVDB-77199.yml

groups.google.com/forum/#!topic/rubyonrails-security/K2HXD7c8fMU

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:M/Au:N/C:N/I:P/A:N

0.003 Low

EPSS

Percentile

69.0%

JSON

Related for GITLAB-5FD0ABE36E2EEE52D6830B6D79C4317D