8 matches found

RedhatCVE
added 2018/04/18 10:49 a.m., 35 views

CVE-2018-3741

There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications...

CVSS 6.1, AI score 3.1, EPSS 0.01984
Exploits: 0, References: 1
UbuntuCve
added 2018/03/30 7:29 p.m., 24 views

CVE-2018-3741

There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications...

CVSS 6.1, AI score 6.6, EPSS 0.01289
Exploits: 0, References: 2
NVD
added 2018/03/30 7:29 p.m., 29 views

CVE-2018-3741

There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications...

CVSS 6.1, AI score 5.8, EPSS 0.01289
Exploits: 0, References: 1
OSV
added 2018/03/30 7:29 p.m., 26 views

CVE-2018-3741

There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications...

CVSS 6.1, AI score 6
Exploits: 0, References: 1
Cvelist
added 2018/03/30 7:0 p.m., 36 views

CVE-2018-3741

There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications...

AI score 6.1, EPSS 0.01289
Exploits: 0, References: 1
CVE
added 2018/03/30 7:0 p.m., 113 views

CVE-2018-3741

CVE-2018-3741 affects the Ruby Rails ecosystem via the rails-html-sanitizer gem. The vulnerability occurs in all versions below 1.0.4 where non‑whitelisted HTML attributes can appear in sanitized output when processing specially crafted HTML fragments, enabling an XSS attack against target applic...

CVSS 6.1, AI score 5.9, EPSS 0.01289
Exploits: 0, References: 1, Affected Software: 1
Debian CVE
added 2018/03/30 7:0 p.m., 30 views

CVE-2018-3741

There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications...

CVSS 6.1, AI score 5.8, EPSS 0.01289
Exploits: 0
Hacker One
added 2018/03/21 2:57 p.m., 142 views

Ruby on Rails: XSS vulnerability in sanitize-method when parsing link's href

Possible XSS vulnerability in rails-html-sanitizer There is a possible XSS vulnerability in rails-html-sanitizer. This vulnerability has been assigned the CVE identifier CVE-2018-3741. Versions Affected: 1.0.3 or older. Not affected: None. Fixed Versions: 1.0.4 Impact ------ There is a possible X...

CVSS 4.3, AI score 6.2, EPSS 0.01984
Exploits: 0