Lucene search

K

PRIOn knowledge basePRION:CVE-2011-0446

HistoryFeb 14, 2011 - 9:00 p.m.

Cross site scripting

2011-02-1421:00:00

PRIOn knowledge base

www.prio-n.com

7

5.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.4%

Multiple cross-site scripting (XSS) vulnerabilities in the mail_to helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) name or (2) email value.

CPENameOperatorVersion
railseq2.0.1
railseq2.0.2
railseq2.0.4
railseq2.1.0
railseq2.1.1
railseq2.1.2
railseq2.2.0
railseq2.2.1
railseq2.2.2
railseq2.3.2

Rows per page:

1-10 of 301

References

secunia.com/advisories/43274

secunia.com/advisories/43666

www.debian.org/security/2011/dsa-2247

www.securityfocus.com/bid/46291

www.securitytracker.com/id?1025064

www.vupen.com/english/advisories/2011/0587

www.vupen.com/english/advisories/2011/0877

groups.google.com/group/rubyonrails-security/msg/365b8a23b76a6b4a?dmode=source&output=gplain

lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html

lists.fedoraproject.org/pipermail/package-announce/2011-March/055074.html

lists.fedoraproject.org/pipermail/package-announce/2011-March/055088.html

5.8 Medium

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

69.4%

Related for PRION:CVE-2011-0446

nvd1 debiancve1 github1 gitlab2 cvelist1 cve1 openvas10 osv2 ubuntucve1 fedora11 securityvulns2 nessus7 seebug1 debian1 gentoo1