CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

213 matches found

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Astra Linux - уязвимость в rails

A XSS Vulnerability in Action View tag helpers = 5.2.0 and 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes...

6.1CVSS6.3AI score0.01409EPSS

Exploits1References1

SUSE CVE•added 2026/03/25 12:24 a.m.•3 views

SUSE CVE-2026-33168

Action View provides conventions and helpers for building web pages with the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when a blank string is used as an HTML attribute name in Action View tag helpers, the attribute escaping is bypassed, producing malformed HTML. A carefull...

2.3CVSS5.8AI score0.00026EPSS

Exploits0References3

Tenable Nessus•added 2026/03/25 12:0 a.m.•1 views

Linux Distros Unpatched Vulnerability : CVE-2026-33168

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Action View provides conventions and helpers for building web pages with the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when a blank stri...

2.3CVSS5.8AI score0.00026EPSS

Exploits0References3

RedhatCVE•added 2026/03/24 11:7 a.m.•2 views

CVE-2026-33168

A flaw was found in Action View, a component of the Rails framework. When a blank string is used as an HTML attribute name in Action View tag helpers, it bypasses attribute escaping, producing malformed HTML. A remote attacker could exploit this by crafting a malicious attribute value, which a we...

5.4CVSS5.8AI score0.00026EPSS

Exploits0References10

OSV•added 2026/03/23 11:17 p.m.•2 views

DEBIAN-CVE-2026-33168

2.3CVSS5.4AI score0.00026EPSS

Exploits0References1

NVD•added 2026/03/23 11:17 p.m.•3 views

CVE-2026-33168

2.3CVSS0.00026EPSS

Exploits0References7

OSV•added 2026/03/23 11:17 p.m.•5 views

UBUNTU-CVE-2026-33168

2.3CVSS5.8AI score0.00026EPSS

Exploits0References9

Cvelist•added 2026/03/23 11:1 p.m.•20 views

CVE-2026-33168 Rails has a possible XSS vulnerability in its Action View tag helpers

2.3CVSS0.00026EPSS

Exploits0References7

Debian CVE•added 2026/03/23 11:1 p.m.•3 views

CVE-2026-33168

2.3CVSS5.4AI score0.00026EPSS

Exploits0

CVE•added 2026/03/23 11:1 p.m.•6 views

CVE-2026-33168

The connected advisory clarifies a concrete issue: Rails has a possible XSS vulnerability in Action View tag helpers when a blank string is used as an HTML attribute name, causing the attribute escaping to be bypassed and potentially letting a crafted value be interpreted as a new attribute name ...

2.3CVSS5.8AI score0.00026EPSS

Exploits0References7

Vulnrichment•added 2026/03/23 11:1 p.m.•2 views

CVE-2026-33168 Rails has a possible XSS vulnerability in its Action View tag helpers

2.3CVSS5.8AI score0.00026EPSS

Exploits0References7

OSV•added 2026/03/23 11:1 p.m.•1 views

CVE-2026-33168 Rails has a possible XSS vulnerability in its Action View tag helpers

2.3CVSS5.8AI score0.00026EPSS

Exploits0References9

ATTACKERKB•added 2026/03/23 11:1 p.m.•1 views

CVE-2026-33168

2.3CVSS5.8AI score0.00026EPSS

Exploits0References8Affected Software1

Github Security Blog•added 2026/03/23 8:51 p.m.•6 views

Rails has a possible XSS vulnerability in its Action View tag helpers

Impact When a blank string is used as an HTML attribute name in Action View tag helpers, the attribute escaping is bypassed, producing malformed HTML. A carefully crafted attribute value could then be misinterpreted by the browser as a separate attribute name, possibly leading to XSS. Application...

2.3CVSS5.3AI score0.00026EPSS

Exploits0References10Affected Software1

EUVD•added 2026/03/23 8:51 p.m.•3 views

EUVD-2026-14616

Rails has a possible XSS vulnerability in its Action View tag helpers...

2.3CVSS5.8AI score0.00026EPSS

Exploits0References7

OSV•added 2026/03/23 8:51 p.m.•1 views

GHSA-V55J-83PF-R9CQ Rails has a possible XSS vulnerability in its Action View tag helpers

2.3CVSS5.8AI score0.00026EPSS

Exploits0References10

RubySec•added 2026/03/23 12:0 a.m.•7 views

Rails has a possible XSS vulnerability in its Action View tag helpers

2.3CVSS5.8AI score0.00026EPSS

Exploits0References1Affected Software1

Positive Technologies•added 2026/03/23 12:0 a.m.•1 views

PT-2026-27255

Name of the Vulnerable Software and Affected Versions Rails versions prior to 8.1.2.1 Rails versions prior to 8.0.4.1 Rails versions prior to 7.2.3.1 Description Action View tag helpers are susceptible to an issue where attribute escaping is bypassed when a blank string is used as an HTML attribu...

2.3CVSS5.6AI score0.00026EPSS

Exploits0References20

CNNVD•added 2026/03/23 12:0 a.m.•4 views

Rails 跨站脚本漏洞

Rails is an open-source web application framework based on the Ruby language, developed by the Rails team in the United States. Versions of Rails prior to 8.1.2.1, 8.0.4.1, and 7.2.3.1 contained a cross-site scripting vulnerability. This vulnerability occurred when empty strings were used as HTML...

2.3CVSS5.7AI score0.00026EPSS

Exploits0References8

GitLab Advisory Database•added 2026/03/23 12:0 a.m.•7 views

Rails has a possible XSS vulnerability in its Action View tag helpers

When a blank string is used as an HTML attribute name in Action View tag helpers, the attribute escaping is bypassed, producing malformed HTML. A carefully crafted attribute value could then be misinterpreted by the browser as a separate attribute name, possibly leading to XSS. Applications that...

2.3CVSS5.8AI score0.00026EPSS

Exploits0References10Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by