Veracode Vulnerability DatabaseVERACODE:10725Cross-site Scripting (XSS)
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
The sanitize_css method in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle (newline) characters, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS) token sequences.
References
lists.apple.com/archives/security-announce/2013/Jun/msg00000.html
lists.apple.com/archives/security-announce/2013/Oct/msg00006.html
lists.opensuse.org/opensuse-updates/2013-04/msg00072.html
lists.opensuse.org/opensuse-updates/2013-04/msg00073.html
lists.opensuse.org/opensuse-updates/2014-01/msg00013.html
rhn.redhat.com/errata/RHSA-2013-0698.html
rhn.redhat.com/errata/RHSA-2014-1863.html
support.apple.com/kb/HT5784
weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released/
access.redhat.com/errata/RHSA-2013:0698
access.redhat.com/errata/RHSA-2014:1863
access.redhat.com/security/cve/CVE-2013-1855
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=921331
groups.google.com/group/rubyonrails-security/msg/8ed835a97cdd1afd?dmode=source&output=gplain
rhn.redhat.com/errata/RHSA-2013-0698.html
Related
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N