Lucene search
K

14 matches found

OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.23 views

SUSE: Security Advisory (SUSE-SU-2016:1146-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.95537EPSS
Exploits19References4
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.25 views

Fedora 23 : rubygem-rails-html-sanitizer-1.0.3-1.fc23 (2016-59ce8b61dd)

Security fix for CVE-2015-7578 CVE-2015-7579 CVE-2015-7580 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

6.1CVSS6.5AI score0.02587EPSS
Exploits1References5
Tenable Nessus
Tenable Nessus
added 2016/03/04 12:0 a.m.37 views

Fedora 22 : rubygem-rails-html-sanitizer-1.0.1-2.fc22 (2016-3a2606f993)

Security fix for CVE-2015-7578 CVE-2015-7579 CVE-2015-7580 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional...

6.1CVSS6.5AI score0.02587EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2016/02/29 12:0 a.m.24 views

Fedora Update for rubygem-rails-html-sanitizer FEDORA-2016-59

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.5AI score0.02587EPSS
Exploits1References2
NVD
NVD
added 2016/02/16 2:59 a.m.14 views

CVE-2015-7580

Cross-site scripting XSS vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node...

6.1CVSS6AI score0.02196EPSS
Exploits0References7
UbuntuCve
UbuntuCve
added 2016/02/16 2:59 a.m.25 views

CVE-2015-7580

Cross-site scripting XSS vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node...

6.1CVSS6.8AI score0.02196EPSS
Exploits0References2
CVE
CVE
added 2016/02/16 2:0 a.m.87 views

CVE-2015-7580

The CVE-2015-7580 entry describes an XSS vulnerability in the rails-html-sanitizer gem prior to 1.0.3 used with Ruby on Rails 4.2.x and 5.x. The issue arises in lib/rails/html/scrubbers.rb where a crafted CDATA node can inject arbitrary script/HTML. Affected component: rails-html-sanitizer (Ruby ...

6.1CVSS5.4AI score0.02196EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2016/02/16 2:0 a.m.32 views

CVE-2015-7580

Cross-site scripting XSS vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node...

5.5AI score0.02196EPSS
Exploits0References7
Debian CVE
Debian CVE
added 2016/02/16 2:0 a.m.28 views

CVE-2015-7580

Cross-site scripting XSS vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node...

6.1CVSS5.6AI score0.02196EPSS
Exploits0
OpenVAS
OpenVAS
added 2016/02/08 12:0 a.m.25 views

openSUSE: Security Advisory for rubygem-rails-html-sanitizer (openSUSE-SU-2016:0356-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.1CVSS6.4AI score0.02587EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2016/02/08 12:0 a.m.26 views

openSUSE Security Update : rubygem-rails-html-sanitizer (openSUSE-2016-148)

This update for rubygem-rails-html-sanitizer fixes the following issues : - CVE-2015-7579: XSS vulnerability in rails-html-sanitizer bsc963327 - CVE-2015-7578: XSS vulnerability via attributes bsc963326 - CVE-2015-7580: XSS via whitelist sanitizer bsc963328 %NASLMINLEVEL 70300 C Tenable Network...

6.1CVSS6.4AI score0.02587EPSS
Exploits1References6
OPENSUSE Linux
OPENSUSE Linux
added 2016/02/07 5:11 p.m.58 views

Security update for rubygem-rails-html-sanitizer (important)

This update for rubygem-rails-html-sanitizer fixes the following issues: - CVE-2015-7579: XSS vulnerability in rails-html-sanitizer bsc963327 - CVE-2015-7578: XSS vulnerability via attributes bsc963326 - CVE-2015-7580: XSS via whitelist sanitizer bsc963328...

4.3CVSS3AI score0.02587EPSS
Exploits1References3
RubySec
RubySec
added 2016/01/25 12:0 a.m.22 views

Possible XSS vulnerability in rails-html-sanitizer

There is a possible XSS vulnerability in the white list sanitizer in the rails-html-sanitizer gem. This vulnerability has been assigned the CVE identifier CVE-2015-7580. Versions Affected: All. Not affected: None. Fixed Versions: v1.0.3 Impact ------ Carefully crafted strings can cause user input...

6.1CVSS1.4AI score0.02196EPSS
Exploits0References1Affected Software1
Hacker One
Hacker One
added 2015/08/08 9:37 a.m.48 views

Ruby on Rails: Potential XSS on sanitize/Rails::Html::WhiteListSanitizer

Possible XSS vulnerability in rails-html-sanitizer There is a possible XSS vulnerability in the white list sanitizer in the rails-html-sanitizer gem. This vulnerability has been assigned the CVE identifier CVE-2015-7580. Versions Affected: All. Not affected: None. Fixed Versions: v1.0.3 Impact...

4.3CVSS6AI score0.02196EPSS
Exploits0
Rows per page
Query Builder