2 matches found
CVE-2017-12098
An exploitable cross site scripting XSS vulnerability exists in the add filter functionality of the railsadmin rails gem version 1.2.0. A specially crafted URL can cause an XSS flaw resulting in an attacker being able to execute arbitrary javascript on the victim's browser. An attacker can phish ...
CVE-2017-12098
CVE-2017-12098 is an XSS vulnerability in the rails_admin gem (version 1.2.0) affecting the add filter functionality. A specially crafted URL can cause an attacker to execute arbitrary JavaScript in an authenticated user’s browser (phishing possible). This is documented across multiple sources (N...