Lucene search
HackeroneCVELIST:CVE-2020-8264HistoryJan 06, 2021 - 9:02 p.m.
CVE-2020-8264
2021-01-0621:02:35
CWE-79
hackerone
www.cve.org
2
In actionpack gem >= 6.0.0, a possible XSS vulnerability exists when an application is running in development mode allowing an attacker to send or embed (in another page) a specially crafted URL which can allow the attacker to execute JavaScript in the context of the local application. This vulnerability is in the Actionable Exceptions middleware.
CNA Affected
[
{
"product": "https://github.com/rails/rails",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "6.0.3.4"
}
]
}
]Related
ubuntucve
ubuntucve
CVE-2020-8264
2021-01-06 00:00:00
osv
osv
Cross-site scripting in actionpack
2021-04-07 20:58:47
CVE-2020-8264
2021-01-06 21:15:14
veracode
veracode
Cross-site Scripting (XSS)
2020-10-12 05:58:50
nvd
nvd
CVE-2020-8264
2021-01-06 21:15:14
prion
prion
Cross site scripting
2021-01-06 21:15:00
cve
cve
CVE-2020-8264
2021-01-06 21:15:14
redhatcve
redhatcve
CVE-2020-8264
2020-10-08 18:52:03
debiancve
debiancve
CVE-2020-8264
2021-01-06 21:15:14
rubygems
rubygems
Possible XSS Vulnerability in Action Pack in Development Mode
2020-10-06 21:00:00
freebsd
freebsd
Rails -- Possible XSS vulnerability
2020-10-07 00:00:00
github
github
Cross-site scripting in actionpack
2021-04-07 20:58:47
nessus
nessus
hackerone
hackerone
Ruby on Rails: Open Redirect (6.0.0 < rails < 6.0.3.2)
2020-06-21 02:15:14