An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses.
CPE | Name | Operator | Version |
---|---|---|---|
debian_linux | eq | 10.0 | |
actionpack | ge | 7.0.0 | |
actionpack | lt | 7.0.2.4 | |
actionpack | ge | 6.1.0 | |
actionpack | lt | 6.1.5.1 | |
actionpack | ge | 6.0.0 | |
actionpack | lt | 6.0.4.8 | |
actionpack | ge | 5.2.0 | |
actionpack | lt | 5.2.7.1 |