Lucene search
PRIOn knowledge basePRION:CVE-2022-23515HistoryDec 14, 2022 - 2:15 p.m.
Cross site scripting
2022-12-1414:15:00
PRIOn knowledge base
www.prio-n.com
7
loofah
html
xml
cross-site scripting
nokogiri
data uris
media type
image/svg+xml
vulnerability
patch
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.1.0, < 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs. This issue is patched in version 2.19.1.
Related
ubuntucve
ubuntucve
CVE-2022-23515
2022-12-14 00:00:00
hackerone
hackerone
veracode
veracode
Cross-Site Scripting (XSS)
2022-12-14 04:47:44
osv
osv
CVE-2022-23515
2022-12-14 14:15:10
Improper neutralization of data URIs may allow XSS in Loofah
2022-12-13 17:39:36
ruby-loofah - security update
2023-09-13 00:00:00
redhatcve
redhatcve
CVE-2022-23515
2022-12-14 11:35:22
nvd
nvd
CVE-2022-23515
2022-12-14 14:15:10
github
github
Improper neutralization of data URIs may allow XSS in Loofah
2022-12-13 17:39:36
cve
cve
CVE-2022-23515
2022-12-14 14:15:10
debiancve
debiancve
CVE-2022-23515
2022-12-14 14:15:10
cvelist
cvelist
CVE-2022-23515 Improper neutralization of data URIs may allow XSS in Loofah
2022-12-14 13:23:02
nessus
nessus
Fedora 40 : rubygem-loofah (2023-1bbea3700b)
2024-04-29 00:00:00
Debian DLA-3565-1 : ruby-loofah - LTS security update
2023-09-14 00:00:00
debian
debian
[SECURITY] [DLA 3565-1] ruby-loofah security update
2023-09-13 15:09:07
openvas
openvas
Debian: Security Advisory (DLA-3565-1)
2023-09-14 00:00:00
rocky
rocky
Satellite 6.13 Release
2023-05-05 15:39:58
redhat
redhat
(RHSA-2023:2097) Important: Satellite 6.13 Release
2023-05-03 13:09:51