Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-7A06F2157FB656304979C2BC3EF54528HistoryDec 06, 2013 - 12:00 a.m.
XSS Vulnerability in simple_format helper
2013-12-0600:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
19
EPSS
0.002
Percentile
56.9%
The simple_format helper converts user supplied text into html text which is intended to be safe for display. A change made to the implementation of this helper means that any user provided HTML attributes will not be escaped correctly. As a result of this error, applications which pass user-controlled data to be included as html attributes will be vulnerable to an XSS attack.
References
Related
github
github
actionpack Cross-site Scripting vulnerability
2017-10-24 18:33:36
osv
osv
actionpack Cross-site Scripting vulnerability
2017-10-24 18:33:36
prion
prion
Cross site scripting
2013-12-07 00:55:00
ubuntucve
ubuntucve
CVE-2013-6416
2013-12-07 00:00:00
cve
cve
CVE-2013-6416
2013-12-07 00:55:03
debiancve
debiancve
CVE-2013-6416
2013-12-07 00:55:03
cvelist
cvelist
CVE-2013-6416
2013-12-07 00:00:00
rubygems
rubygems
XSS Vulnerability in simple_format helper
2013-12-02 20:00:00
nvd
nvd
CVE-2013-6416
2013-12-07 00:55:03
nessus
nessus
FreeBSD : rails -- multiple vulnerabilities (6a806960-3016-44ed-8575-8614a7cb57c7)
2013-12-09 00:00:00
Fedora 20 : rubygem-actionpack-4.0.0-2.fc20 (2013-23636)
2014-03-07 00:00:00
freebsd
freebsd
rails -- multiple vulnerabilities
2013-12-03 00:00:00
openvas
openvas
Fedora Update for rubygem-actionpack FEDORA-2013-23636
2014-03-12 00:00:00
Fedora Update for rubygem-actionpack FEDORA-2013-23636
2014-03-12 00:00:00
Fedora Update for rubygem-actionpack FEDORA-2014-3169
2014-03-12 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: rubygem-actionpack-4.0.0-4.fc20
2014-05-23 18:56:34
[SECURITY] Fedora 20 Update: rubygem-actionpack-4.0.0-2.fc20
2014-03-07 06:36:05
[SECURITY] Fedora 20 Update: rubygem-actionpack-4.0.0-3.fc20
2014-03-11 04:00:14