Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
gitlabHttps://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-378717077FB6D911C5287C48C3C31886
HistoryDec 06, 2013 - 12:00 a.m.

XSS Vulnerability in number_to_currency

2013-12-0600:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
23

0.003 Low

EPSS

Percentile

70.7%

JSON

The number_to_currency helper allows users to nicely format a numeric value. The unit parameter is not escaped correctly. Application which pass user controlled data as the unit parameter are vulnerable to an XSS attack.

Related

debiancve 1
cve 1
osv 1
prion 1
github 1
cvelist 1
nvd 1
ubuntucve 1
nessus 11
openvas 13
debian 1
fedora 7
securityvulns 2
freebsd 1
redhat 3
debiancve
debiancve
CVE-2013-6415
2013-12-07 00:55:03
cve
cve
CVE-2013-6415
2013-12-07 00:55:03
osv
osv
actionpack vulnerable to Cross-site Scripting
2017-10-24 18:33:36
prion
prion
Cross site scripting
2013-12-07 00:55:00
github
github
actionpack vulnerable to Cross-site Scripting
2017-10-24 18:33:36
cvelist
cvelist
CVE-2013-6415
2013-12-07 00:00:00
nvd
nvd
CVE-2013-6415
2013-12-07 00:55:03
ubuntucve
ubuntucve
CVE-2013-6415
2013-12-07 00:00:00
nessus
nessus
openSUSE Security Update : rubygem-actionpack-2_3 (openSUSE-SU-2013:1905-1)
2014-06-13 00:00:00
openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2013:1906-1)
2014-06-13 00:00:00
FreeBSD : rails -- multiple vulnerabilities (6a806960-3016-44ed-8575-8614a7cb57c7)
2013-12-09 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-2888-1)
2014-03-26 00:00:00
Fedora Update for rubygem-actionpack FEDORA-2014-0970
2014-01-27 00:00:00
Fedora Update for rubygem-actionpack FEDORA-2014-0970
2014-01-27 00:00:00
debian
debian
[SECURITY] [DSA 2888-1] ruby-actionpack-3.2 security update
2014-03-27 15:04:16
fedora
fedora
[SECURITY] Fedora 19 Update: rubygem-actionpack-3.2.13-4.fc19
2014-01-24 07:50:26
[SECURITY] Fedora 20 Update: rubygem-actionpack-4.0.0-3.fc20
2014-03-11 04:00:14
[SECURITY] Fedora 20 Update: rubygem-actionpack-4.0.0-2.fc20
2014-03-07 06:36:05
securityvulns
securityvulns
Ruby Actionpack / Actionmailer multiple security vulnerabilities
2014-05-04 00:00:00
[SECURITY] [DSA 2888-1] ruby-actionpack-3.2 security update
2014-05-04 00:00:00
freebsd
freebsd
rails -- multiple vulnerabilities
2013-12-03 00:00:00
redhat
redhat
(RHSA-2014:0008) Important: ruby193-rubygem-actionpack security update
2014-01-06 00:00:00
(RHSA-2013:1794) Important: ruby193-rubygem-actionpack security update
2013-12-05 00:00:00
(RHSA-2014:1863) Important: Subscription Asset Manager 1.4 security update
2014-11-17 00:00:00

0.003 Low

EPSS

Percentile

70.7%

JSON
Related for GITLAB-378717077FB6D911C5287C48C3C31886
debiancve1cve1osv1prion1github1cvelist1nvd1ubuntucve1nessus11openvas13debian1fedora7securityvulns2freebsd1redhat3