2 matches found
Rails 跨站脚本漏洞
Rails is an open-source web application framework based on the Ruby language, developed by the Rails team in the United States. Versions of Rails prior to 8.1.2.1, 8.0.4.1, and 7.2.3.1 contained a cross-site scripting vulnerability. This vulnerability occurred when empty strings were used as HTML...
Debian Security Advisory DSA 2830-1 (ruby-i18n - cross-site scripting)
Peter McLarnan discovered that the internationalization component of Ruby on Rails does not properly encode parameters in generated HTML code, resulting in a cross-site scripting vulnerability. This update corrects the underlying vulnerability in the i18n gem, as provided by the ruby-i18n package...