Lucene search
K

4 matches found

OSV
OSV
added 2026/03/23 10:58 p.m.5 views

CVE-2026-33167 Rails has a possible XSS vulnerability in its Action Pack debug exceptions

Action Pack is a Rubygem for building web applications on the Rails framework. In versions on the 8.1 branch prior to 8.1.2.1, the debug exceptions page does not properly escape exception messages. A carefully crafted exception message could inject arbitrary HTML and JavaScript into the page,...

5.3CVSS6AI score0.00401EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/23 12:0 a.m.10 views

Rails Action Pack 跨站脚本漏洞

Rails Action Pack is a web framework developed by the Rails team in the United States. It provides a routing mechanism mapping request URLs to actions, defines controllers for handling actions, and includes mechanisms for generating responses through rendering views templates in various formats...

5.3CVSS5.7AI score0.00401EPSS
Exploits0References4
RubySec
RubySec
added 2026/03/23 12:0 a.m.45 views

Rails has a possible XSS vulnerability in its Action Pack debug exceptions

Impact The debug exceptions page does not properly escape exception messages. A carefully crafted exception message could inject arbitrary HTML and JavaScript into the page, leading to XSS. This affects applications with detailed exception pages enabled config.considerallrequestslocal = true, whi...

5.3CVSS5.9AI score0.00401EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/06/24 12:0 a.m.4 views

Mozilla Firefox 安全漏洞

Mozilla Firefox is an open source web browser from the Mozilla Foundation in the United States. A security vulnerability exists in Mozilla Firefox versions prior to 140, which stems from a lack of anti-click hijacking latency on HTTPS-Only enabled exception pages, which could lead to users being...

4.3CVSS4.5AI score0.00227EPSS
Exploits0References4
Rows per page
Query Builder