Lucene search
PRIOn knowledge basePRION:CVE-2012-1098HistoryMar 13, 2012 - 10:55 a.m.
Cross site scripting
2012-03-1310:55:00
PRIOn knowledge base
www.prio-n.com
13
Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving a SafeBuffer object that is manipulated through certain methods.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rails | eq | 3.0.0 beta | |
| rails | eq | 3.0.0 beta2 | |
| rails | eq | 3.0.0 beta3 | |
| rails | eq | 3.0.0 beta4 | |
| rails | eq | 3.0.0 rc | |
| rails | eq | 3.0.0 rc2 | |
| rails | eq | 3.0.1 pre | |
| rails | eq | 3.0.2 pre | |
| rails | eq | 3.0.0 | |
| rails | eq | 3.0.10 rc1 |
References
weblog.rubyonrails.org/2012/3/1/ann-rails-3-0-12-has-been-released
www.openwall.com/lists/oss-security/2012/03/02/6
www.openwall.com/lists/oss-security/2012/03/03/1
bugzilla.redhat.com/show_bug.cgi?id=799275
groups.google.com/group/rubyonrails-security/msg/1c2e01a5e42722c9?dmode=source&output=gplain
lists.fedoraproject.org/pipermail/package-announce/2012-March/075675.html
Related
nvd
nvd
CVE-2012-1098
2012-03-13 10:55:01
cve
cve
CVE-2012-1098
2012-03-13 10:55:01
debiancve
debiancve
CVE-2012-1098
2012-03-13 10:55:01
osv
osv
activesupport Cross-site Scripting vulnerability
2017-10-24 18:33:38
github
github
activesupport Cross-site Scripting vulnerability
2017-10-24 18:33:38
gitlab
gitlab
Direct Manipulation XSS
2012-03-13 00:00:00
ubuntucve
ubuntucve
CVE-2012-1098
2012-03-13 00:00:00
cvelist
cvelist
CVE-2012-1098
2012-03-13 10:00:00
rubygems
rubygems
fedora
fedora
[SECURITY] Fedora 17 Update: rubygem-activesupport-3.0.11-3.fc17
2012-03-11 17:01:21
[SECURITY] Fedora 16 Update: rubygem-activesupport-3.0.10-2.fc16
2012-03-17 23:41:07
[SECURITY] Fedora 16 Update: rubygem-activesupport-3.0.10-4.fc16
2012-08-22 21:13:38
openvas
openvas
Fedora Update for rubygem-activesupport FEDORA-2012-11880
2012-08-24 00:00:00
Fedora Update for rubygem-activesupport FEDORA-2012-11880
2012-08-24 00:00:00
Fedora Update for rubygem-actionpack FEDORA-2012-3166
2012-08-30 00:00:00
nessus
nessus