Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
rubygemsRubySecRUBY:ACTIONPACK-2023-28362
HistoryJun 25, 2023 - 9:00 p.m.

Possible XSS via User Supplied Values to redirect_to

2023-06-2521:00:00
RubySec
rubysec.com
21
xss
user supplied values
redirect_to
http header
cve-2023-28362
rails
fixed versions
user interaction
configured
external hosts

0 Low

EPSS

Percentile

0.0%

JSON

The redirect_to method in Rails allows provided values to contain characters
which are not legal in an HTTP header value. This results in the potential for
downstream services which enforce RFC compliance on HTTP response headers to
remove the assigned Location header. This vulnerability has been assigned the
CVE identifier CVE-2023-28362.

Versions Affected: All. Not affected: None Fixed Versions: 7.0.5.1, 6.1.7.4

Impact

This introduces the potential for a Cross-site-scripting (XSS) payload to be
delivered on the now static redirection page. Note that this both requires
user interaction and for a Rails app to be configured to allow redirects to
external hosts (defaults to false in Rails >= 7.0.x).

Releases

The FIXED releases are available at the normal locations.

Workarounds

Avoid providing user supplied URLs with arbitrary schemes to the redirect_to
method.

Related

hackerone 1
nessus 2
redhatcve 1
github 1
openvas 1
veracode 1
osv 1
ubuntucve 1
debiancve 1
ibm 2
cve 1
redhat 1
hackerone
hackerone
Ruby on Rails: Incorrect handling of certain characters passed to the redirection functionality in Rails can lead to a single-click XSS vulnerability.
2023-04-20 01:32:01
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : rubygem-actionpack-5_1 (SUSE-SU-2023:3229-1)
2023-08-09 00:00:00
RHEL 8 : Satellite 6.14.1 Async Security Update (Moderate) (RHSA-2023:7851)
2024-04-28 00:00:00
redhatcve
redhatcve
CVE-2023-28362
2023-07-13 16:35:45
github
github
Actionpack has possible cross-site scripting vulnerability via User Supplied Values to redirect_to
2023-06-29 15:03:16
openvas
openvas
openSUSE: Security Advisory for rubygem (SUSE-SU-2023:3229-1)
2024-03-04 00:00:00
veracode
veracode
Cross-site Scripting (XSS)
2023-07-03 09:16:23
osv
osv
Actionpack has possible cross-site scripting vulnerability via User Supplied Values to redirect_to
2023-06-29 15:03:16
ubuntucve
ubuntucve
CVE-2023-28362
2023-07-17 00:00:00
debiancve
debiancve
CVE-2023-28362
2023-07-14 16:32:27
ibm
ibm
Security Bulletin: A vulnerability in Ruby on Rails affects IBM License Metric Tool v9 (CVE-2023-28362) and could allow cross-site scripting.
2023-09-22 08:32:45
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps
2023-07-27 09:18:06
cve
cve
CVE-2023-28362
2023-07-14 16:32:27
redhat
redhat
(RHSA-2023:7851) Moderate: Satellite 6.14.1 Async Security Update
2023-12-14 16:20:36

0 Low

EPSS

Percentile

0.0%

JSON
Related for RUBY:ACTIONPACK-2023-28362
hackerone1nessus2redhatcve1github1openvas1veracode1osv1ubuntucve1debiancve1ibm2cve1redhat1