Lucene search
Redhat.comRH:CVE-2022-3704HistoryOct 31, 2022 - 7:25 p.m.
CVE-2022-3704
2022-10-3119:25:56
redhat.com
access.redhat.com
71
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
21.7%
A self cross-site scripting vulnerability was found in Ruby on Rails. This issue occurs when requesting a page that does not have a matching routing, allowing a user to create a script injection within the routing error page.
Related
debiancve
debiancve
CVE-2022-3704
2022-10-26 20:15:10
cvelist
cvelist
CVE-2022-3704 Ruby on Rails _table.html.erb cross site scripting
2022-10-26 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2022-10-27 03:29:45
prion
prion
Cross site scripting
2022-10-26 20:15:00
osv
osv
BIT-rails-2022-3704
2024-01-31 15:23:07
Cross-site Scripting in actionpack
2022-10-27 12:00:27
nvd
nvd
CVE-2022-3704
2022-10-26 20:15:10
ubuntucve
ubuntucve
CVE-2022-3704
2022-10-26 00:00:00
cve
cve
CVE-2022-3704
2022-10-26 20:15:10
github
github
Cross-site Scripting in actionpack
2022-10-27 12:00:27
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
21.7%
Related for RH:CVE-2022-3704