Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-FBA333B8C63FDE85A618250EF5A55462HistoryMar 19, 2013 - 12:00 a.m.
XSS Vulnerability in the `sanitize` helper
2013-03-1900:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
16
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
70.4%
The sanitize helper in Ruby on Rails is designed to filter HTML and remove all tags and attributes which could be malicious.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gem/actionpack | lt | 2.3.18 | |
| gem/actionpack | ge | 2.4.0 | |
| gem/actionpack | lt | 3.1.12 | |
| gem/actionpack | ge | 3.2.0 | |
| gem/actionpack | lt | 3.2.13 |
Related
prion
prion
Cross site scripting
2013-03-19 22:55:00
cve
cve
CVE-2013-1857
2013-03-19 22:55:00
ubuntucve
ubuntucve
CVE-2013-1857
2013-03-19 00:00:00
osv
osv
actionpack Cross-site Scripting vulnerability
2017-10-24 18:33:37
debiancve
debiancve
CVE-2013-1857
2013-03-19 22:55:00
github
github
actionpack Cross-site Scripting vulnerability
2017-10-24 18:33:37
rubygems
rubygems
nessus
nessus
RHEL 6 : rubygem-actionpack and ruby193-rubygem-actionpack (RHSA-2013:0698)
2018-12-06 00:00:00
Fedora 17 : rubygem-actionpack-3.0.11-9.fc17 (2013-4199)
2013-04-01 00:00:00
Fedora 18 : rubygem-actionpack-3.2.8-3.fc18 (2013-4214)
2013-04-01 00:00:00
redhat
redhat
ibm
ibm
openvas
openvas
Fedora Update for rubygem-actionpack FEDORA-2013-4214
2013-04-02 00:00:00
Fedora Update for rubygem-actionpack FEDORA-2013-4214
2013-04-02 00:00:00
Debian Security Advisory DSA 2655-1 (rails - several vulnerabilities)
2013-03-28 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: rubygem-actionpack-3.2.8-3.fc18
2013-03-30 21:27:21
[SECURITY] Fedora 17 Update: rubygem-actionpack-3.0.11-9.fc17
2013-03-30 21:27:37
threatpost
threatpost
Ruby on Rails Patches DoS, XSS Vulnerabilities
2013-03-19 16:31:57
freebsd
freebsd
rubygem-rails -- multiple vulnerabilities
2013-03-18 00:00:00
debian
debian
[SECURITY] [DSA 2655-1] rails security update
2013-03-28 16:15:56
gentoo
gentoo
Ruby on Rails: Multiple vulnerabilities
2014-12-14 00:00:00
securityvulns
securityvulns
Apple Mac OS X multiple security vulnerabilities
2013-06-17 00:00:00
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.004 Low
EPSS
Percentile
70.4%
Related for GITLAB-FBA333B8C63FDE85A618250EF5A55462