logo
DATABASE RESOURCES PRICING ABOUT US

FreeBSD : Loofah -- XSS vulnerability (36a2a89e-7ee1-4ea4-ae22-7ca38019c8d0)

Description

GitHub issue : This issue has been created for public disclosure of an XSS vulnerability that was responsibly reported (independently) by Shubham Pathak and @yasinS (Yasin Soliman). In the Loofah gem, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.


Related