112 matches found
ActionView Cross-Site Scripting Vulnerability
ActionView is a set of open source issue requirements tracking tool . The product supports permission configuration , statistical reports , document sharing and work logs and other functions . A cross-site scripting vulnerability exists in the JavaScript text escape helper in ActionView versions...
Debian DLA-2149-1 : rails security update
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS attacks. For Debian 8 'Jessie', this problem has been fixed in version...
CVE-2020-5267
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2...
CVE-2020-5267
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2...
DEBIAN-CVE-2020-5267
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2...
Cross site scripting
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2...
UBUNTU-CVE-2020-5267
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2...
CVE-2020-5267
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2...
GHSA-65CV-R6X7-79HV Cross site scripting vulnerability in ActionView
There is a possible cross site scripting XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS attacks. Impact There is a possible XSS vulnerability in the j and escapejavascript methods in ActionView. These...
Cross site scripting vulnerability in ActionView
There is a possible cross site scripting XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS attacks. Impact There is a possible XSS vulnerability in the j and escapejavascript methods in ActionView. These...
CVE-2020-5267 Possible XSS vulnerability in ActionView
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2...
CVE-2020-5267
CVE-2020-5267 is an XSS vulnerability in ActionView’s JavaScript literal escape helpers. It affects Rails ActionView before 6.0.2.2 and 5.2.4.2, where views using j or escape_javascript may be vulnerable. The issue is fixed in version 6.0.2.2 and 5.2.4.2. Public connected documents corroborate th...
CVE-2020-5267
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2...
Cross-site Scripting
In ActionView there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS...
Possible XSS vulnerability in ActionView
There is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escapejavascript methods may be susceptible to XSS attacks. Versions Affected: All. Not affected: None. Fixed Versions: 6.0.2.2, 5.2.4.2 Impact ------ There is a possible XSS...
CVE-2019-5418
A content disclosure flaw was found in rubygem-actionview. Specially crafted accept headers, in combination with calls to 'render file:', can cause arbitrary files on the target server to be rendered, disclosing the file contents. Code execution cannot be ruled out if the attacker is able to gain...
rubygem-actionpack: render file directory traversal in Action View
A content disclosure flaw was found in rubygem-actionview. Specially crafted accept headers, in combination with calls to 'render file:', can cause arbitrary files on the target server to be rendered, disclosing the file contents. Code execution cannot be ruled out if the attacker is able to gain...
rubygem-actionpack: render file directory traversal in Action View
A content disclosure flaw was found in rubygem-actionview. Specially crafted accept headers, in combination with calls to 'render file:', can cause arbitrary files on the target server to be rendered, disclosing the file contents. Code execution cannot be ruled out if the attacker is able to gain...
[SECURITY] Fedora 30 Update: rubygem-actionview-5.2.3-2.fc30
Simple, battle-tested conventions and helpers for building web pages...
Fedora Update for rubygem-actionview FEDORA-2019-1cfe24db5c
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...