Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:35290
HistoryApr 28, 2022 - 11:03 a.m.

Cross-site Scripting (XSS)

2022-04-2811:03:05
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
70
rails
xss
action view

EPSS

0.001

Percentile

34.7%

rails is vulnerable to cross-site scripting(XSS) attacks. The library does not properly escape input data passed as hash keys for tag attributes in Action View tag helpers, allowing an attacker to inject and execute malicious javascript.