Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-63CF54DDA6DF24B2BB662F89268E95F8HistoryMar 19, 2013 - 12:00 a.m.
XSS vulnerability in sanitize_css in Action Pack
2013-03-1900:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
19
0.004 Low
EPSS
Percentile
73.9%
Carefully crafted text can bypass the sanitization provided in the sanitize_css method in Action Pack.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gem/actionpack | lt | 2.3.18 | |
| gem/actionpack | ge | 2.4.0 | |
| gem/actionpack | lt | 3.1.12 | |
| gem/actionpack | ge | 3.2.0 | |
| gem/actionpack | lt | 3.2.13 |
Related
cve
cve
CVE-2013-1855
2013-03-19 22:55:01
seebug
seebug
Ruby on Rails 'sanitize_css()'ćšćłčˇ¨çŤčćŹćźć´(CVE-2013-1855)
2013-03-20 00:00:00
ubuntucve
ubuntucve
CVE-2013-1855
2013-03-19 00:00:00
prion
prion
Cross site scripting
2013-03-19 22:55:00
nvd
nvd
CVE-2013-1855
2013-03-19 22:55:01
cvelist
cvelist
CVE-2013-1855
2013-03-19 22:00:00
github
github
actionpack Cross-site Scripting vulnerability
2017-10-24 18:33:37
debiancve
debiancve
CVE-2013-1855
2013-03-19 22:55:01
veracode
veracode
Cross-site Scripting (XSS)
2019-01-15 08:51:19
osv
osv
actionpack Cross-site Scripting vulnerability
2017-10-24 18:33:37
rubygems
rubygems
nessus
nessus
Fedora 18 : rubygem-actionpack-3.2.8-3.fc18 (2013-4214)
2013-04-01 00:00:00
openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2013:0661-1)
2014-06-13 00:00:00
Fedora 17 : rubygem-actionpack-3.0.11-9.fc17 (2013-4199)
2013-04-01 00:00:00
redhat
redhat
openvas
openvas
Fedora Update for rubygem-actionpack FEDORA-2013-4214
2013-04-02 00:00:00
Fedora Update for rubygem-actionpack FEDORA-2013-4214
2013-04-02 00:00:00
Debian: Security Advisory (DSA-2655-1)
2013-03-27 00:00:00
ibm
ibm
fedora
fedora
[SECURITY] Fedora 18 Update: rubygem-actionpack-3.2.8-3.fc18
2013-03-30 21:27:21
[SECURITY] Fedora 17 Update: rubygem-actionpack-3.0.11-9.fc17
2013-03-30 21:27:37
freebsd
freebsd
rubygem-rails -- multiple vulnerabilities
2013-03-18 00:00:00
threatpost
threatpost
Ruby on Rails Patches DoS, XSS Vulnerabilities
2013-03-19 16:31:57
debian
debian
[SECURITY] [DSA 2655-1] rails security update
2013-03-28 16:15:56
gentoo
gentoo
Ruby on Rails: Multiple vulnerabilities
2014-12-14 00:00:00
securityvulns
securityvulns
Apple Mac OS X multiple security vulnerabilities
2013-06-17 00:00:00