Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:37697
HistoryOct 27, 2022 - 3:29 a.m.

Cross-site Scripting (XSS)

2022-10-2703:29:45
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
6

0.001 Low

EPSS

Percentile

21.8%

rails is vulnerable to cross-site scripting(XSS) attacks. The use of the innerHTML in checkNoMatch function allows a remote authenticated attacker to inject and execute malicious JavaScript on victim’s browser.

CPENameOperatorVersion
railsle7.0.4
railsle7.0.4

0.001 Low

EPSS

Percentile

21.8%