Astra Linux - уязвимость в rails

A XSS Vulnerability in Action View tag helpers = 5.2.0 and 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes...

DEBIAN-CVE-2026-33168

Action View provides conventions and helpers for building web pages with the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when a blank string is used as an HTML attribute name in Action View tag helpers, the attribute escaping is bypassed, producing malformed HTML. A carefull...

CVE-2026-33168 Rails has a possible XSS vulnerability in its Action View tag helpers

Action View provides conventions and helpers for building web pages with the Rails framework. Prior to versions 8.1.2.1, 8.0.4.1, and 7.2.3.1, when a blank string is used as an HTML attribute name in Action View tag helpers, the attribute escaping is bypassed, producing malformed HTML. A carefull...

CVE-2026-33168

The connected advisory clarifies a concrete issue: Rails has a possible XSS vulnerability in Action View tag helpers when a blank string is used as an HTML attribute name, causing the attribute escaping to be bypassed and potentially letting a crafted value be interpreted as a new attribute name ...

Rails has a possible XSS vulnerability in its Action View tag helpers

Impact When a blank string is used as an HTML attribute name in Action View tag helpers, the attribute escaping is bypassed, producing malformed HTML. A carefully crafted attribute value could then be misinterpreted by the browser as a separate attribute name, possibly leading to XSS. Application...

EUVD-2026-14616

Rails has a possible XSS vulnerability in its Action View tag helpers...

GHSA-V55J-83PF-R9CQ Rails has a possible XSS vulnerability in its Action View tag helpers

Impact When a blank string is used as an HTML attribute name in Action View tag helpers, the attribute escaping is bypassed, producing malformed HTML. A carefully crafted attribute value could then be misinterpreted by the browser as a separate attribute name, possibly leading to XSS. Application...

EUVD-2022-1707

Malicious code in bioql PyPI...

SUSE CVE-2022-27777

A XSS Vulnerability in Action View tag helpers = 5.2.0 and 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes...

CVE-2022-27777

A XSS Vulnerability in Action View tag helpers = 5.2.0 and 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes...

DEBIAN-CVE-2022-27777

A XSS Vulnerability in Action View tag helpers = 5.2.0 and 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes...

CVE-2022-27777

A XSS Vulnerability in Action View tag helpers = 5.2.0 and 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes...

CVE-2022-27777

A XSS Vulnerability in Action View tag helpers = 5.2.0 and 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes...

CVE-2022-27777

CVE-2022-27777 : Rails contains an XSS vulnerability in Action View tag helpers that could allow an attacker to inject content when they can control input in specific attributes. The issue is confirmed across multiple sources (Rails ecosystem advisories and debian/security notes) and is tied to t...

Action View tag helpers 跨站脚本漏洞

Action View tag helpers is an open source, free, easy-to-use, Jira-like issue requirement tracking tool for small and medium-sized businesses from Action View. A security vulnerability exists in Action View tag helpers version 5.2.0 and later versions. An attacker can exploit the vulnerability to...

GHSA-CH3H-J2VF-95PV XSS Vulnerability in Action View tag helpers

There is a possible XSS vulnerability in Action View tag helpers. Passing untrusted input as hash keys can lead to a possible XSS vulnerability. This vulnerability has been assigned the CVE identifier CVE-2022-27777. Versions Affected: ALL Not affected: NONE Fixed Versions: 7.0.2.4, 6.1.5.1,...

XSS Vulnerability in Action View tag helpers

There is a possible XSS vulnerability in Action View tag helpers. Passing untrusted input as hash keys can lead to a possible XSS vulnerability. This vulnerability has been assigned the CVE identifier CVE-2022-27777. Versions Affected: ALL Not affected: NONE Fixed Versions: 7.0.2.4, 6.1.5.1,...

PT-2022-3569 · Unknown +4 · Action View +4

Name of the Vulnerable Software and Affected Versions: Action View tag helpers versions prior to 5.2.7.1 Action View tag helpers versions prior to 6.0.4.8 Action View tag helpers versions prior to 6.1.5.1 Action View tag helpers versions prior to 7.0.2.4 Description: A XSS vulnerability exists in...

Possible XSS Vulnerability in Action View tag helpers

There is a possible XSS vulnerability in Action View tag helpers. Passing untrusted input as hash keys can lead to a possible XSS vulnerability. This vulnerability has been assigned the CVE identifier CVE-2022-27777. Versions Affected: ALL Not affected: NONE Fixed Versions: 7.0.2.4, 6.1.5.1,...

rubygem-actionview: cross-site scripting flaw in Action View

It was discovered that Action View tag helpers did not escape quotes when using strings declared as HTML safe as attribute values. A remote attacker could use this flaw to conduct a cross-site scripting XSS attack...