14 matches found
SUSE: Security Advisory (SUSE-SU-2016:1146-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 23 : rubygem-rails-html-sanitizer-1.0.3-1.fc23 (2016-59ce8b61dd)
Security fix for CVE-2015-7578 CVE-2015-7579 CVE-2015-7580 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora 22 : rubygem-rails-html-sanitizer-1.0.1-2.fc22 (2016-3a2606f993)
Security fix for CVE-2015-7578 CVE-2015-7579 CVE-2015-7580 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...
Fedora Update for rubygem-rails-html-sanitizer FEDORA-2016-59
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2015-7580
Cross-site scripting XSS vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node...
CVE-2015-7580
Cross-site scripting XSS vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node...
CVE-2015-7580
The CVE-2015-7580 entry describes an XSS vulnerability in the rails-html-sanitizer gem prior to 1.0.3 used with Ruby on Rails 4.2.x and 5.x. The issue arises in lib/rails/html/scrubbers.rb where a crafted CDATA node can inject arbitrary script/HTML. Affected component: rails-html-sanitizer (Ruby ...
CVE-2015-7580
Cross-site scripting XSS vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node...
CVE-2015-7580
Cross-site scripting XSS vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node...
openSUSE: Security Advisory for rubygem-rails-html-sanitizer (openSUSE-SU-2016:0356-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : rubygem-rails-html-sanitizer (openSUSE-2016-148)
This update for rubygem-rails-html-sanitizer fixes the following issues : - CVE-2015-7579: XSS vulnerability in rails-html-sanitizer bsc963327 - CVE-2015-7578: XSS vulnerability via attributes bsc963326 - CVE-2015-7580: XSS via whitelist sanitizer bsc963328 %NASLMINLEVEL 70300 C Tenable Network...
Security update for rubygem-rails-html-sanitizer (important)
This update for rubygem-rails-html-sanitizer fixes the following issues: - CVE-2015-7579: XSS vulnerability in rails-html-sanitizer bsc963327 - CVE-2015-7578: XSS vulnerability via attributes bsc963326 - CVE-2015-7580: XSS via whitelist sanitizer bsc963328...
Possible XSS vulnerability in rails-html-sanitizer
There is a possible XSS vulnerability in the white list sanitizer in the rails-html-sanitizer gem. This vulnerability has been assigned the CVE identifier CVE-2015-7580. Versions Affected: All. Not affected: None. Fixed Versions: v1.0.3 Impact ------ Carefully crafted strings can cause user input...
Ruby on Rails: Potential XSS on sanitize/Rails::Html::WhiteListSanitizer
Possible XSS vulnerability in rails-html-sanitizer There is a possible XSS vulnerability in the white list sanitizer in the rails-html-sanitizer gem. This vulnerability has been assigned the CVE identifier CVE-2015-7580. Versions Affected: All. Not affected: None. Fixed Versions: v1.0.3 Impact...