Lucene search
Rails Admin ProjectRails Admin
4 matches found
CVE-2017-12098
An exploitable cross site scripting (XSS) vulnerability exists in the add filter functionality of the rails_admin rails gem version 1.2.0. A specially crafted URL can cause an XSS flaw resulting in an attacker being able to execute arbitrary javascript on the victim's browser. An attacker can phish...
6.1CVSS5.8AI score0.00397EPSS
CVE-2016-10522
rails_admin ruby gem
8.8CVSS8.8AI score0.00162EPSS
CVE-2020-36190
RailsAdmin (aka rails_admin) before 1.4.3 and 2.x before 2.0.2 allows XSS via nested forms.
6.1CVSS6.1AI score0.00307EPSS
CVE-2024-39308
RailsAdmin is a Rails engine that provides an interface for managing data. RailsAdmin list view has the XSS vulnerability, caused by improperly-escaped HTML title attribute. Upgrade to 3.1.3 or 2.2.2 (to be released).
6.8CVSS5.3AI score0.0014EPSS