Lucene search
K

36 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-0979

Malware in sbrugna...

6.1CVSS6.8AI score0.02372EPSS
Exploits0References13
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2024-0589

Malicious code in bioql PyPI...

6.1CVSS5.3AI score0.01034EPSS
Exploits1References9
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2024-26143

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using...

6.1CVSS6.3AI score0.01034EPSS
Exploits1References2
OSV
OSV
added 2024/12/20 9:50 a.m.13 views

BIT-RAILS-2024-26143 Rails Possible XSS Vulnerability in Action Controller

Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "html", a :default key which contains untrusted user input, and th...

6.1CVSS4.9AI score0.01034EPSS
Exploits1References7
SUSE CVE
SUSE CVE
added 2024/02/29 3:37 a.m.4 views

SUSE CVE-2024-26143

Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "html", a :default key which contains untrusted user input, and th...

5.4CVSS5.5AI score0.01034EPSS
Exploits1References4
Veracode
Veracode
added 2024/02/28 7:1 a.m.18 views

Cross-Site Scripting (XSS)

Rails is vulnerable to Cross-site Scripting XSS. The vulnerability is due to improper sanitization of user input in the translation helpers, specifically in the handling of the default option. This flaw allows an attacker to inject malicious JavaScript code into the browser, resulting in Cross-Si...

6.1CVSS6.3AI score0.01034EPSS
Exploits1References7Affected Software1
Github Security Blog
Github Security Blog
added 2024/02/27 9:41 p.m.50 views

Rails has possible XSS Vulnerability in Action Controller

Possible XSS Vulnerability in Action Controller There is a possible XSS vulnerability when using the translation helpers translate, t, etc in Action Controller. This vulnerability has been assigned the CVE identifier CVE-2024-26143. Versions Affected: = 7.0.0. Not affected: 7.0.0 Fixed Versions:...

6.1CVSS6.2AI score0.01034EPSS
Exploits1References8Affected Software2
OSV
OSV
added 2024/02/27 9:41 p.m.22 views

GHSA-9822-6M93-XQF4 Rails has possible XSS Vulnerability in Action Controller

Possible XSS Vulnerability in Action Controller There is a possible XSS vulnerability when using the translation helpers translate, t, etc in Action Controller. This vulnerability has been assigned the CVE identifier CVE-2024-26143. Versions Affected: = 7.0.0. Not affected: 7.0.0 Fixed Versions:...

6.1CVSS5.2AI score0.01034EPSS
Exploits1References8
NVD
NVD
added 2024/02/27 4:15 p.m.14 views

CVE-2024-26143

Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "html", a :default key which contains untrusted user input, and th...

6.1CVSS5.9AI score0.01034EPSS
Exploits1References6
Prion
Prion
added 2024/02/27 4:15 p.m.28 views

Design/Logic Flaw

Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "html", a :default key which contains untrusted user input, and th...

5.8CVSS6.1AI score0.01034EPSS
Exploits1References5
OSV
OSV
added 2024/02/27 4:15 p.m.3 views

UBUNTU-CVE-2024-26143

Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "html", a :default key which contains untrusted user input, and th...

6.1CVSS6AI score0.01034EPSS
Exploits1References9
UbuntuCve
UbuntuCve
added 2024/02/27 4:15 p.m.32 views

CVE-2024-26143

Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "html", a :default key which contains untrusted user input, and th...

6.1CVSS6.3AI score0.01034EPSS
Exploits1References8
Vulnrichment
Vulnrichment
added 2024/02/27 3:33 p.m.21 views

CVE-2024-26143 Rails Possible XSS Vulnerability in Action Controller

Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "html", a :default key which contains untrusted user input, and th...

6.1CVSS5.9AI score0.01034EPSS
Exploits1References6
Debian CVE
Debian CVE
added 2024/02/27 3:33 p.m.20 views

CVE-2024-26143

Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "html", a :default key which contains untrusted user input, and th...

6.1CVSS4.9AI score0.01034EPSS
Exploits1
CVE
CVE
added 2024/02/27 3:33 p.m.202 views

CVE-2024-26143

CVE-2024-26143 concerns Rails’ Action Controller translation helpers. Affected code paths involve using translate/t with a key ending in “_html” and a :default value containing untrusted input, where the resulting string is rendered in a view, creating an XSS risk. The issue is fixed in Rails ver...

6.1CVSS6AI score0.01034EPSS
Exploits1References6Affected Software1
Cvelist
Cvelist
added 2024/02/27 3:33 p.m.45 views

CVE-2024-26143 Rails Possible XSS Vulnerability in Action Controller

Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "html", a :default key which contains untrusted user input, and th...

6.1CVSS6AI score0.01034EPSS
Exploits1References6
Snyk
Snyk
added 2024/02/24 11:22 p.m.4 views

Cross-site Scripting (XSS)

Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS in the translation helpers translate, t, etc in Action Controller. An attacker can inject malicious scripts by using a key ending in html with a :default key that contains untrusted user input, if the resulting...

6.1CVSS5.3AI score0.01034EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/02/24 12:0 a.m.5 views

PT-2024-5871 · Unknown +1 · Ruby On Rails +1

Name of the Vulnerable Software and Affected Versions: Ruby on Rails versions prior to 7.1.3.1 Ruby on Rails versions prior to 7.0.8.1 Description: There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate,...

9.8CVSS5.6AI score0.02278EPSS
Exploits1References44
RubySec
RubySec
added 2024/02/21 12:0 a.m.23 views

Possible XSS Vulnerability in Action Controller

There is a possible XSS vulnerability when using the translation helpers translate, t, etc in Action Controller. This vulnerability has been assigned the CVE identifier CVE-2024-26143. Versions Affected: = 7.0.0 Not affected: 7.0.0 Fixed Versions: 7.1.3.1, 7.0.8.1 Impact Applications using...

6.1CVSS6.4AI score0.01034EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2023/04/27 2:32 p.m.5 views

SUSE-SU-2023:2059-1 Security update for rubygem-actionview-5_1

This update for rubygem-actionview-51 fixes the following issues: - CVE-2022-27777: Fixed possible cross-site scripting vulnerability in Action View tag helpers bsc1199060. - CVE-2020-15169: Fixed cross-site scripting in translation helpers bsc1176421. - CVE-2020-8167: Fixed CSRF vulnerability in...

6.5CVSS7.4AI score0.02372EPSS
Exploits2References7
Rows per page
Query Builder