2 matches found
GHSA-CFJV-5498-MPH5 XSS in Action View
There is a potential Cross-Site Scripting XSS vulnerability in Action View's translation helpers. Views that allow the user to control the default not found value of the t and translate helpers could be susceptible to XSS attacks. Impact When an HTML-unsafe string is passed as the default for a...
PT-2020-6207 · Ruby +3 · Ruby On Rails +3
Name of the Vulnerable Software and Affected Versions: Ruby on Rails versions prior to 5.2.4.4 and 6.0.3.3 Description: The issue is related to a potential Cross-Site Scripting XSS vulnerability in Action View's translation helpers. Views that allow the user to control the default value of the t...