Lucene search
PRIOn knowledge basePRION:CVE-2016-6316HistorySep 07, 2016 - 7:28 p.m.
Cross site scripting
2016-09-0719:28:00
PRIOn knowledge base
www.prio-n.com
6
Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as “HTML safe” and used as attribute values in tag handlers.
| CPE | Name | Operator | Version |
|---|---|---|---|
| debian_linux | eq | 8.0 | |
| rails | eq | 3.0.0 beta | |
| rails | eq | 3.0.0 beta2 | |
| rails | eq | 3.0.0 beta3 | |
| rails | eq | 3.0.0 beta4 | |
| rails | eq | 3.0.0 rc | |
| rails | eq | 3.0.0 rc2 | |
| rails | eq | 3.0.0 | |
| rails | eq | 4.0.0 | |
| rails | eq | 4.0.1 |
References
rhn.redhat.com/errata/RHSA-2016-1855.html
rhn.redhat.com/errata/RHSA-2016-1856.html
rhn.redhat.com/errata/RHSA-2016-1857.html
rhn.redhat.com/errata/RHSA-2016-1858.html
weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released/
www.debian.org/security/2016/dsa-3651
www.openwall.com/lists/oss-security/2016/08/11/3
www.securityfocus.com/bid/92430
groups.google.com/forum/
puppet.com/security/cve/cve-2016-6316
Related
redhat
redhat
(RHSA-2016:1858) Moderate: ruby193-rubygem-actionpack security update
2016-09-13 09:51:35
(RHSA-2016:1857) Moderate: ror40-rubygem-actionpack security update
2016-09-13 09:51:16
(RHSA-2016:1856) Moderate: rh-ror41-rubygem-actionview security update
2016-09-13 09:50:58
openvas
openvas
Debian: Security Advisory (DSA-3651-1)
2016-08-24 00:00:00
Ruby on Rails Action View Cross Site Scripting Vulnerability - Windows
2016-10-13 00:00:00
Fedora Update for rubygem-actionview FEDORA-2016-0d9890f7b5
2016-08-27 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: rubygem-actionview-4.2.3-6.fc23
2016-08-26 12:50:04
[SECURITY] Fedora 24 Update: rubygem-actionview-4.2.5.2-3.fc24
2016-08-26 10:24:48
[SECURITY] Fedora 25 Update: rubygem-actioncable-5.0.0.1-1.fc25
2016-08-27 11:11:22
debiancve
debiancve
CVE-2016-6316
2016-09-07 19:28:10
github
github
actionview Cross-site Scripting vulnerability
2017-10-24 18:33:35
cve
cve
CVE-2016-6316
2016-09-07 19:28:10
freebsd
freebsd
Rails 4 -- Possible XSS Vulnerability in Action View
2016-08-11 00:00:00
nessus
nessus
FreeBSD : Rails 4 -- Possible XSS Vulnerability in Action View (43f1c867-654a-11e6-8286-00248c0c745d)
2016-10-17 00:00:00
Debian DSA-3651-1 : rails - security update
2016-08-26 00:00:00
Fedora 24 : rubygem-actionview (2016-0d9890f7b5)
2016-08-29 00:00:00
debian
debian
[SECURITY] [DSA 3651-1] rails security update
2016-08-25 16:20:10
[SECURITY] [DSA 3651-1] rails security update
2016-08-25 16:20:10
[SECURITY] [DLA 604-1] ruby-actionpack-3.2 security update
2016-08-28 18:14:37
redhatcve
redhatcve
CVE-2016-6316
2016-08-12 06:18:33
gitlab
gitlab
Possible XSS Vulnerability
2016-09-07 00:00:00
veracode
veracode
Cross-Site Scripting (XSS)
2019-01-15 09:13:09
threatpost
threatpost
GPG Patches 18-Year-Old Libgcrypt RNG Bug
2016-08-18 12:39:21
osv
osv
actionview Cross-site Scripting vulnerability
2017-10-24 18:33:35
rails - security update
2016-08-25 00:00:00
ruby-actionpack-3.2 - security update
2016-08-28 00:00:00
cvelist
cvelist
CVE-2016-6316
2016-09-07 19:00:00
nvd
nvd
CVE-2016-6316
2016-09-07 19:28:10
ubuntucve
ubuntucve
CVE-2016-6316
2016-09-07 00:00:00