Lucene search
Https://gitlab.com/gitlab-org/security-products/gemnasium-dbGITLAB-FBA333B8C63FDE85A618250EF5A55462HistoryMar 19, 2013 - 12:00 a.m.
XSS Vulnerability in the `sanitize` helper
2013-03-1900:00:00
https://gitlab.com/gitlab-org/security-products/gemnasium-db
gitlab.com
20
0.004 Low
EPSS
Percentile
73.9%
The sanitize helper in Ruby on Rails is designed to filter HTML and remove all tags and attributes which could be malicious.
| CPE | Name | Operator | Version |
|---|---|---|---|
| gem/actionpack | lt | 2.3.18 | |
| gem/actionpack | ge | 2.4.0 | |
| gem/actionpack | lt | 3.1.12 | |
| gem/actionpack | ge | 3.2.0 | |
| gem/actionpack | lt | 3.2.13 |
Related
cve
cve
CVE-2013-1857
2013-03-19 22:55:01
prion
prion
Cross site scripting
2013-03-19 22:55:00
nvd
nvd
CVE-2013-1857
2013-03-19 22:55:01
cvelist
cvelist
CVE-2013-1857
2013-03-19 22:00:00
osv
osv
actionpack Cross-site Scripting vulnerability
2017-10-24 18:33:37
github
github
actionpack Cross-site Scripting vulnerability
2017-10-24 18:33:37
debiancve
debiancve
CVE-2013-1857
2013-03-19 22:55:01
ubuntucve
ubuntucve
CVE-2013-1857
2013-03-19 00:00:00
rubygems
rubygems
nessus
nessus
Fedora 17 : rubygem-actionpack-3.0.11-9.fc17 (2013-4199)
2013-04-01 00:00:00
RHEL 6 : rubygem-actionpack and ruby193-rubygem-actionpack (RHSA-2013:0698)
2018-12-06 00:00:00
openSUSE Security Update : rubygem-actionpack-3_2 (openSUSE-SU-2013:0661-1)
2014-06-13 00:00:00
redhat
redhat
ibm
ibm
openvas
openvas
Fedora Update for rubygem-actionpack FEDORA-2013-4214
2013-04-02 00:00:00
Fedora Update for rubygem-actionpack FEDORA-2013-4214
2013-04-02 00:00:00
Debian Security Advisory DSA 2655-1 (rails - several vulnerabilities)
2013-03-28 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: rubygem-actionpack-3.2.8-3.fc18
2013-03-30 21:27:21
[SECURITY] Fedora 17 Update: rubygem-actionpack-3.0.11-9.fc17
2013-03-30 21:27:37
freebsd
freebsd
rubygem-rails -- multiple vulnerabilities
2013-03-18 00:00:00
threatpost
threatpost
Ruby on Rails Patches DoS, XSS Vulnerabilities
2013-03-19 16:31:57
debian
debian
[SECURITY] [DSA 2655-1] rails security update
2013-03-28 16:15:56
securityvulns
securityvulns
Apple Mac OS X multiple security vulnerabilities
2013-06-17 00:00:00
gentoo
gentoo
Ruby on Rails: Multiple vulnerabilities
2014-12-14 00:00:00