Lucene search
K

11 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in ruby-rails-html-sanitizer

Rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions starting from 1.0.3 and before 1.4.4 are vulnerable to cross-site scripting through data URIs when used in conjunction with Loofah version 2.1.0 or higher. This issue has been fixed in version 1.4.4...

6.1CVSS5.9AI score0.00867EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-32209

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Possible XSS Vulnerability in Rails::Html::SanitizerThere is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer.This vulnerabili...

6.1CVSS6.2AI score0.2914EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.0 views

Linux Distros Unpatched Vulnerability : CVE-2024-53988

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of...

6.1CVSS5.8AI score0.00435EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-53985

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of...

6.1CVSS5.8AI score0.00581EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-53987

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of...

6.1CVSS5.8AI score0.00435EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/21 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2024-53989

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of...

6.1CVSS5.8AI score0.00463EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/20 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2022-23519

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain...

7.2CVSS6.6AI score0.00988EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/12/02 12:0 a.m.10 views

PT-2024-36000

Name of the Vulnerable Software and Affected Versions: rails-html-sanitizer version 1.6.0 Description: There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer when used with Rails = 7.1.0. This issue may allow an attacker to inject content if HTML5 sanitization...

6.4CVSS6.5AI score0.00581EPSS
Exploits0References24
OSV
OSV
added 2022/12/14 6:15 p.m.2 views

DEBIAN-CVE-2022-23520

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer due to an incomplete fix of CVE-2022-32209. Rails::Html::Sanitizer may allow an attacker to...

6.1CVSS6.3AI score0.0111EPSS
Exploits1References1
OSV
OSV
added 2022/12/14 5:15 p.m.5 views

UBUNTU-CVE-2022-23519

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's...

7.2CVSS6.7AI score0.00988EPSS
Exploits1References4
Snyk
Snyk
added 2022/12/13 5:51 p.m.2 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to improper user-input sanitization which may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both select and style elements. This is due...

6.1CVSS5.3AI score0.2914EPSS
Exploits2References2
Rows per page
Query Builder