CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
AI Score
Confidence
High
EPSS
Percentile
47.2%
It was discovered that Sanitize incorrectly handled noscript elements
under certain circumstances. An attacker could possibly use this issue to
execute a cross-site scripting (XSS) attack. This issue only affected
Ubuntu 22.04 LTS. (CVE-2023-23627)
It was discovered that Sanitize incorrectly handled style elements under
certain circumstances. An attacker could possibly use this issue to
execute a cross-site scripting (XSS) attack. (CVE-2023-36823)
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 23.10 | noarch | ruby-sanitize | < 6.0.0-1.1ubuntu0.23.10.1 | UNKNOWN |
Ubuntu | 22.04 | noarch | ruby-sanitize | < 6.0.0-1ubuntu0.1 | UNKNOWN |
Ubuntu | 20.04 | noarch | ruby-sanitize | < 4.6.6-2.1~0.20.04.2 | UNKNOWN |