11 matches found
Astra Linux – Vulnerability in ruby-rails-html-sanitizer
Rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions starting from 1.0.3 and before 1.4.4 are vulnerable to cross-site scripting through data URIs when used in conjunction with Loofah version 2.1.0 or higher. This issue has been fixed in version 1.4.4...
Linux Distros Unpatched Vulnerability : CVE-2022-32209
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerabili...
Linux Distros Unpatched Vulnerability : CVE-2024-53988
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of...
Linux Distros Unpatched Vulnerability : CVE-2024-53985
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of...
Linux Distros Unpatched Vulnerability : CVE-2024-53987
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of...
Linux Distros Unpatched Vulnerability : CVE-2024-53989
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of...
Linux Distros Unpatched Vulnerability : CVE-2022-23519
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain...
PT-2024-36000
Name of the Vulnerable Software and Affected Versions: rails-html-sanitizer version 1.6.0 Description: There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer when used with Rails = 7.1.0. This issue may allow an attacker to inject content if HTML5 sanitization...
DEBIAN-CVE-2022-23520
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer may allow an attacker to...
UBUNTU-CVE-2022-23519
rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper user-input sanitization which may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both select and style elements. This is due...