Lucene search
Veracode Vulnerability DatabaseVERACODE:5694HistoryJan 12, 2018 - 7:02 a.m.
Cross-site Scripting (XSS)
2018-01-1207:02:21
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
5
0.001 Low
EPSS
Percentile
40.8%
rails_admin is vulnerable to cross-site scripting (XSS). The vulnerability exists in the add filter function and it allows arbitrary javascript to be executed when loaded.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rails_admin | le | 1.2.0 | |
| rails_admin | le | 1.2.0 |
References
www.securityfocus.com/bid/102486
github.com/sferik/rails_admin/issues/2985
github.com/sferik/rails_admin/pull/2894
github.com/sferik/rails_admin/pull/2987
mdb-dev.es/2018/01/11/vulnerability-spotlight-ruby-rails-gem-xss-vulnerabilities/
www.talosintelligence.com/reports/TALOS-2017-0450
www.talosintelligence.com/vulnerability_reports/TALOS-2017-0450
Related
osv
osv
rails_admin ruby gem XSS
2018-03-05 19:37:23
CVE-2017-12098
2018-01-19 19:29:00
prion
prion
Cross site scripting
2018-01-19 19:29:00
ubuntucve
ubuntucve
CVE-2017-12098
2018-01-19 00:00:00
cvelist
cvelist
CVE-2017-12098
2018-01-19 19:00:00
zdt
zdt
Ruby on Rails gem version 1.2.0 rails_admin XSS Vulnerability
2018-01-15 00:00:00
debiancve
debiancve
CVE-2017-12098
2018-01-19 19:29:00
github
github
rails_admin ruby gem XSS
2018-03-05 19:37:23
talos
talos
rails_admin rails gem XSS vulnerability
2018-01-10 00:00:00
seebug
seebug
rails_admin rails gem XSS vulnerability(CVE-2017-12098)
2018-01-11 00:00:00
nvd
nvd
CVE-2017-12098
2018-01-19 19:29:00
cve
cve
CVE-2017-12098
2018-01-19 19:29:00
talosblog
talosblog
Vulnerability Spotlight: Ruby Rails Gem XSS Vulnerabilities
2018-01-10 06:03:00