Lucene search
RubySecRUBY:ACTIONPACK-2012-3465-84513HistoryAug 08, 2012 - 8:00 p.m.
CVE-2012-3465 rubygem-actionpack: XSS Vulnerability in strip_tags
2012-08-0820:00:00
RubySec
rubysec.com
13
Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/sanitize_helper.rb
in the strip_tags helper in Ruby on Rails before 3.0.17, 3.1.x before 3.1.8, and
3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML
via malformed HTML markup.
| CPE | Name | Operator | Version |
|---|---|---|---|
| actionpack | le | 3.0.16 | |
| actionpack | ge | 3.1.0 | |
| actionpack | le | 3.1.7 | |
| actionpack | ge | 3.2.0 | |
| actionpack | lt | 3.2.8 |
References
Related
ubuntucve
ubuntucve
CVE-2012-3465
2012-08-10 00:00:00
seebug
seebug
Ruby on Rails 'strip_tags()'跨站脚本执行漏洞
2012-08-13 00:00:00
gitlab
gitlab
XSS Vulnerability in strip_tags
2012-08-10 00:00:00
cve
cve
CVE-2012-3465
2012-08-10 10:34:00
github
github
actionpack Cross-site Scripting vulnerability
2017-10-24 18:33:37
prion
prion
Cross site scripting
2012-08-10 10:34:00
debiancve
debiancve
CVE-2012-3465
2012-08-10 10:34:00
osv
osv
actionpack Cross-site Scripting vulnerability
2017-10-24 18:33:37
nessus
nessus
openvas
openvas
FreeBSD Ports: rubygem-rails
2012-08-10 00:00:00
FreeBSD Ports: rubygem-rails
2012-08-10 00:00:00
Fedora Update for rubygem-actionpack FEDORA-2012-11885
2012-08-30 00:00:00
freebsd
freebsd
rubygem-rails -- multiple vulnerabilities
2012-08-08 00:00:00
fedora
fedora
[SECURITY] Fedora 17 Update: rubygem-actionpack-3.0.11-7.fc17
2012-08-22 21:11:17
[SECURITY] Fedora 17 Update: rubygem-actionpack-3.0.11-8.fc17
2013-01-23 01:53:38
[SECURITY] Fedora 17 Update: rubygem-actionpack-3.0.11-9.fc17
2013-03-30 21:27:37
debian
debian
[SECURITY] [DSA 2655-1] rails security update
2013-03-28 16:15:56
redhat
redhat
(RHSA-2013:0154) Critical: Ruby on Rails security update
2013-01-10 20:37:00
(RHSA-2013:0582) Moderate: Red Hat OpenShift Enterprise 1.1.1 update
2013-02-28 00:00:00
Related for RUBY:ACTIONPACK-2012-3465-84513