Lucene search
GoogleOSV:CVE-2018-3740HistoryMar 30, 2018 - 7:29 p.m.
CVE-2018-3740
2018-03-3019:29:00
Google
osv.dev
4
0.001 Low
EPSS
Percentile
50.2%
A specially crafted HTML fragment can cause Sanitize gem for Ruby to allow non-whitelisted attributes to be used on a whitelisted HTML element.
Related
openvas
openvas
Debian: Security Advisory (DSA-4358-1)
2018-12-26 00:00:00
osv
osv
ruby-sanitize - security update
2018-12-27 00:00:00
Sanitize vulnerable to Improper Input Validation and Cross-site Scripting
2018-03-21 11:56:32
prion
prion
Hardcoded credentials
2018-03-30 19:29:00
cvelist
cvelist
CVE-2018-3740
2018-03-30 19:00:00
nessus
nessus
Debian DSA-4358-1 : ruby-sanitize - security update
2018-12-28 00:00:00
debian
debian
[SECURITY] [DSA 4358-1] ruby-sanitize security update
2018-12-27 12:31:26
[SECURITY] [DSA 4358-1] ruby-sanitize security update
2018-12-27 12:31:26
cve
cve
CVE-2018-3740
2018-03-30 19:29:00
ubuntucve
ubuntucve
CVE-2018-3740
2018-03-30 00:00:00
debiancve
debiancve
CVE-2018-3740
2018-03-30 19:29:00
veracode
veracode
Cross-site Scripting (XSS)
2018-03-20 06:00:15
freebsd
freebsd
Sanitize -- XSS vulnerability
2018-03-19 00:00:00
Gitlab -- multiple vulnerabilities
2018-06-25 00:00:00
nvd
nvd
CVE-2018-3740
2018-03-30 19:29:00
github
github
Sanitize vulnerable to Improper Input Validation and Cross-site Scripting
2018-03-21 11:56:32
archlinux
archlinux
[ASA-201807-1] gitlab: multiple issues
2018-07-04 00:00:00
rubygems
rubygems
Revert libxml2 behavior in Nokogiri gem that could cause XSS
2018-03-28 21:00:00
rosalinux
rosalinux
Advisory ROSA-SA-2021-1966
2021-07-02 18:06:34