Lucene search
K

11 matches found

OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.20 views

Gentoo Security Advisory GLSA 200711-17 (rails)

The remote host is missing updates announced in advisory GLSA 200711-17. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.8CVSS9.6AI score0.03969EPSS
Exploits1References3
OpenVAS
OpenVAS
added 2008/09/24 12:0 a.m.40 views

Gentoo Security Advisory GLSA 200711-17 (rails)

The remote host is missing updates announced in advisory GLSA 200711-17. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

6.8CVSS0.03969EPSS
Exploits1
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.14 views

FreeBSD Ports: rubygem-rails

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

4.3CVSS6.6AI score0.03683EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2008/09/04 12:0 a.m.30 views

FreeBSD Ports: rubygem-rails

The remote host is missing an update to the system as announced in the referenced advisory. VID 44fb0302-9d38-11dc-9114-001c2514716c OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...

4.3CVSS6.4AI score0.03683EPSS
Exploits1
securityvulns
securityvulns
added 2007/11/15 12:0 a.m.75 views

[ GLSA 200711-17 ] Ruby on Rails: Multiple vulnerabilities

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200711-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...

6.8CVSS9.9AI score0.03969EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2007/11/15 12:0 a.m.37 views

openSUSE 10 Security Update : rubygem-activesupport (rubygem-activesupport-4568)

A cross site scripting XSS bug allowed attackers to execute JavaScript code in the context of other websites CVE-2007-3227. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...

4.3CVSS5AI score0.03683EPSS
Exploits1References1
FreeBSD
FreeBSD
added 2007/10/12 12:0 a.m.48 views

rubygem-rails -- JSON XSS vulnerability

Rails core team reports: All users of Rails 1.2.4 or earlier are advised to upgrade to 1.2.5, though it isn't strictly necessary if you aren't working with JSON. For more information the JSON vulnerability, see CVE-2007-3227...

4.3CVSS6.3AI score0.03683EPSS
Exploits1
NVD
NVD
added 2007/06/14 11:30 p.m.17 views

CVE-2007-3227

Cross-site scripting XSS vulnerability in the tojson ActiveRecord::Basetojson function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...

4.3CVSS5.6AI score0.03683EPSS
Exploits1References13
OSV
OSV
added 2007/06/14 11:30 p.m.7 views

CVE-2007-3227

Cross-site scripting XSS vulnerability in the tojson ActiveRecord::Basetojson function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...

5.6AI score
Exploits0References13
CVE
CVE
added 2007/06/14 11:0 p.m.102 views

CVE-2007-3227

The CVE-2007-3227 entry describes a Cross-site scripting (XSS) vulnerability in Rails: the to_json (ActiveRecord::Base#to_json) function allows injecting arbitrary script via input values. Affected software is Ruby on Rails prior to the edge 9606 release; exploitation could occur remotely through...

4.3CVSS5.5AI score0.03683EPSS
Exploits1References13Affected Software1
Debian CVE
Debian CVE
added 2007/06/14 11:0 p.m.33 views

CVE-2007-3227

Cross-site scripting XSS vulnerability in the tojson ActiveRecord::Basetojson function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...

4.3CVSS5.7AI score0.03683EPSS
Exploits1
Rows per page
Query Builder