3 matches found
Apple Safari Arbitrary javascript Code Execution Vulnerability
Apple Safari is a web browser from Apple, Inc. and is the default browser that comes with the Mac OS X and iOS operating systems. An arbitrary javascript code execution vulnerability exists in Safari versions prior to 13.0.5. The vulnerability stems from a problem with custom URL scheme handling...
actionpack Cross-site Scripting vulnerability
The sanitize helper in lib/actioncontroller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle encoded : colon characters in URLs, which makes it easier for remote...
Cross site scripting
The sanitize helper in lib/actioncontroller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle encoded : colon characters in URLs, which makes it easier for remote...