Lucene search
K

9 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2017-0182

Malware in sbrugna...

4.3CVSS7.3AI score0.0235EPSS
Exploits1References21
OSV
OSV
added 2017/10/24 6:33 p.m.29 views

GHSA-75W6-P6MG-VH8J Rails actionpack gem vulnerable to Cross-site Scripting

Multiple cross-site scripting XSS vulnerabilities in the mailto helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted 1 name or 2 email value...

4.3CVSS5.2AI score0.0235EPSS
Exploits1References16
Github Security Blog
Github Security Blog
added 2017/10/24 6:33 p.m.37 views

Rails actionpack gem vulnerable to Cross-site Scripting

Multiple cross-site scripting XSS vulnerabilities in the mailto helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted 1 name or 2 email value...

4.3CVSS5.4AI score0.0235EPSS
Exploits1References16Affected Software2
GitLab Advisory Database
GitLab Advisory Database
added 2017/10/24 12:0 a.m.35 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Multiple cross-site scripting XSS vulnerabilities in the mailto helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted 1 name or 2 email value...

4.3CVSS5.9AI score0.0235EPSS
Exploits1References15Affected Software1
GitLab Advisory Database
GitLab Advisory Database
added 2017/10/24 12:0 a.m.33 views

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Multiple cross-site scripting XSS vulnerabilities in the mailto helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted 1 name or 2 email value...

4.3CVSS5.9AI score0.0235EPSS
Exploits1References16Affected Software1
OSV
OSV
added 2011/02/14 9:0 p.m.11 views

CVE-2011-0446

Multiple cross-site scripting XSS vulnerabilities in the mailto helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted 1 name or 2 email value...

5.4AI score
Exploits0References11
OSV
OSV
added 2011/02/14 9:0 p.m.3 views

DEBIAN-CVE-2011-0446

Multiple cross-site scripting XSS vulnerabilities in the mailto helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted 1 name or 2 email value...

4.3CVSS5.9AI score0.0235EPSS
Exploits1References1
Prion
Prion
added 2011/02/14 9:0 p.m.25 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in the mailto helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted 1 name or 2 email value...

4.3CVSS5.8AI score0.0235EPSS
Exploits1References11Affected Software1
Cvelist
Cvelist
added 2011/02/14 8:0 p.m.39 views

CVE-2011-0446

Multiple cross-site scripting XSS vulnerabilities in the mailto helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted 1 name or 2 email value...

5.4AI score0.0235EPSS
Exploits1References11
Rows per page
Query Builder