4 matches found
SUSE CVE-2012-1099
Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/formoptionshelper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain...
DEBIAN-CVE-2012-1099
Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/formoptionshelper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain...
CVE-2012-1099
Cross-site scripting XSS vulnerability in actionpack/lib/actionview/helpers/formoptionshelper.rb in the select helper in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving certain...
CVE-2012-1099
Concretely, CVE-2012-1099 affects Ruby on Rails ActionPack’s select helper in action_view/form_options_helper.rb. The vulnerability allows remote XSS via certain OPTION element generation in , impacting Rails 3.0.x (<3.0.12), 3.1.x (<3.1.4), and 3.2.x (