Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS due to certain configurations of rails::Html::Sanitizer which allow attackers to inject content if the application developer have overridden the sanitizer's allowed tags in either of the following ways: 1 allow...