Lucene search
GoogleOSV:CVE-2020-5267HistoryMar 19, 2020 - 6:15 p.m.
CVE-2020-5267
2020-03-1918:15:16
Google
osv.dev
10
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView’s JavaScript literal escape helpers. Views that use the j or escape_javascript methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2.
References
lists.opensuse.org/opensuse-security-announce/2020-05/msg00019.html
www.openwall.com/lists/oss-security/2020/03/19/1
github.com/rails/rails/commit/033a738817abd6e446e1b320cb7d1a5c15224e9a
github.com/rails/rails/security/advisories/GHSA-65cv-r6x7-79hv
lists.debian.org/debian-lts-announce/2020/03/msg00022.html
lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/XJ7NUWXAEVRQCROIIBV4C6WXO6IR3KSB/
Related
ubuntucve
ubuntucve
CVE-2020-5267
2020-03-19 00:00:00
nvd
nvd
CVE-2020-5267
2020-03-19 18:15:16
openvas
openvas
Debian: Security Advisory (DLA-2149-1)
2020-03-20 00:00:00
Fedora: Security Advisory for rubygem-railties (FEDORA-2020-4dd34860a3)
2020-10-05 00:00:00
prion
prion
Cross site scripting
2020-03-19 18:15:00
osv
osv
rails - security update
2020-03-20 00:00:00
Cross site scripting vulnerability in ActionView
2020-03-19 17:30:29
debian
debian
[SECURITY] [DLA 2149-1] rails security update
2020-03-20 00:10:53
redhatcve
redhatcve
CVE-2020-5267
2020-05-05 07:39:51
rubygems
rubygems
Possible XSS vulnerability in ActionView
2020-03-18 21:00:00
cvelist
cvelist
CVE-2020-5267 Possible XSS vulnerability in ActionView
2020-03-19 17:30:16
nessus
nessus
Debian DLA-2149-1 : rails security update
2020-03-20 00:00:00
SUSE SLED15 / SLES15 Security Update : rubygem-actionview-5_1 (SUSE-SU-2020:1178-1)
2020-05-11 00:00:00
openSUSE Security Update : rubygem-actionview-5_1 (openSUSE-2020-627)
2020-05-11 00:00:00
cve
cve
CVE-2020-5267
2020-03-19 18:15:16
debiancve
debiancve
CVE-2020-5267
2020-03-19 18:15:16
veracode
veracode
Cross-site Scripting (XSS)
2020-03-20 05:35:11
github
github
Cross site scripting vulnerability in ActionView
2020-03-19 17:30:29
gitlab
gitlab
Cross-site Scripting
2020-03-19 00:00:00
suse
suse
Security update for rubygem-actionview-5_1 (moderate)
2020-05-11 00:00:00
Security update for rmt-server (important)
2020-11-23 00:00:00
Security update for rmt-server (important)
2020-11-21 00:00:00
fedora
fedora
[SECURITY] Fedora 33 Update: rubygem-activemodel-6.0.3.3-1.fc33
2020-10-05 00:18:00
[SECURITY] Fedora 33 Update: rubygem-rails-6.0.3.3-1.fc33
2020-10-05 00:18:00
[SECURITY] Fedora 33 Update: rubygem-image_processing-1.11.0-1.fc33
2020-10-05 00:18:00
redhat
redhat
(RHSA-2020:4366) Important: Satellite 6.8 release
2020-10-27 12:45:25