logo
DATABASE RESOURCES PRICING ABOUT US

Cross-site Scripting

Description

In ActionView there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS.


Affected Software


CPE Name Name Version
gem/actionview 5.2.4.2
gem/actionview 6.0.0
gem/actionview 6.0.2.2

Related