Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debiancveDebian Security Bug TrackerDEBIANCVE:CVE-2023-28362
HistoryJul 14, 2023 - 4:32 p.m.

CVE-2023-28362

2023-07-1416:32:27
Debian Security Bug Tracker
security-tracker.debian.org
11
xss
user supplied values
redirect
cve-2023-28362
unix
JSON

Possible XSS via User Supplied Values to redirect_to

OSVersionArchitecturePackageVersionFilename
Debian12allrails<= 2:6.1.7.3+dfsg-2~deb12u1rails_2:6.1.7.3+dfsg-2~deb12u1_all.deb
Debian11allrails<= 2:6.0.3.7+dfsg-2+deb11u2rails_2:6.0.3.7+dfsg-2+deb11u2_all.deb
Debian999allrails<= 2:6.1.7.3+dfsg-3rails_2:6.1.7.3+dfsg-3_all.deb
Debian13allrails<= 2:6.1.7.3+dfsg-3rails_2:6.1.7.3+dfsg-3_all.deb

Related

hackerone 1
veracode 1
nessus 2
openvas 1
github 1
redhatcve 1
osv 1
ubuntucve 1
ibm 2
cve 1
rubygems 1
redhat 1
hackerone
hackerone
Ruby on Rails: Incorrect handling of certain characters passed to the redirection functionality in Rails can lead to a single-click XSS vulnerability.
2023-04-20 01:32:01
veracode
veracode
Cross-site Scripting (XSS)
2023-07-03 09:16:23
nessus
nessus
SUSE SLES15 / openSUSE 15 Security Update : rubygem-actionpack-5_1 (SUSE-SU-2023:3229-1)
2023-08-09 00:00:00
RHEL 8 : Satellite 6.14.1 Async Security Update (Moderate) (RHSA-2023:7851)
2024-04-28 00:00:00
openvas
openvas
openSUSE: Security Advisory for rubygem (SUSE-SU-2023:3229-1)
2024-03-04 00:00:00
github
github
Actionpack has possible cross-site scripting vulnerability via User Supplied Values to redirect_to
2023-06-29 15:03:16
redhatcve
redhatcve
CVE-2023-28362
2023-07-13 16:35:45
osv
osv
Actionpack has possible cross-site scripting vulnerability via User Supplied Values to redirect_to
2023-06-29 15:03:16
ubuntucve
ubuntucve
CVE-2023-28362
2023-07-17 00:00:00
ibm
ibm
Security Bulletin: A vulnerability in Ruby on Rails affects IBM License Metric Tool v9 (CVE-2023-28362) and could allow cross-site scripting.
2023-09-22 08:32:45
Security Bulletin: Multiple Vulnerabilities in CloudPak for Watson AIOps
2023-07-27 09:18:06
cve
cve
CVE-2023-28362
2023-07-14 16:32:27
rubygems
rubygems
Possible XSS via User Supplied Values to redirect_to
2023-06-25 21:00:00
redhat
redhat
(RHSA-2023:7851) Moderate: Satellite 6.14.1 Async Security Update
2023-12-14 16:20:36
JSON
Related for DEBIANCVE:CVE-2023-28362
hackerone1veracode1nessus2openvas1github1redhatcve1osv1ubuntucve1ibm2cve1rubygems1redhat1