| CVE-2022-23518 | high | — | 8.0 | | | | 4y ago | rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 are vulnerable to cross-site scripting via data URIs when used in combination with … |
| CVE-2022-23519 | high | — | 8.0 | | | | 4y ago | rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may… |
| CVE-2022-23520 | high | — | 8.0 | | | | 4y ago | rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Prior to version 1.4.4, there is a possible XSS vulnerability with certain configurations of Rails::Html::Sani… |
| CVE-2022-23517 | high | — | 8.0 | | | | 4y ago | rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Certain configurations of rails-html-sanitizer < 1.4.4 use an inefficient regular expression that is susceptib… |
| CVE-2022-32209 | high | — | 8.0 | | | | 4y ago | Possible XSS Vulnerability in Rails::Html::Sanitizer. There is a possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer. This vulnerability has been assigned the CVE identifi… |
| CVE-2015-7578 | medium | 6.1 | 6.1 | | | | 11y ago | Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag at… |
| CVE-2015-7579 | medium | 6.1 | 6.1 | | | | 11y ago | Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem 1.0.2 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via an HTML entity that i… |
| CVE-2015-7580 | medium | 6.1 | 6.1 | | | | 11y ago | Cross-site scripting (XSS) vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web sc… |
| CVE-2024-53985 | unknown | — | — | | | | 2y ago | rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used wi… |
| CVE-2024-53986 | unknown | — | — | | | | 2y ago | rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used wi… |
| CVE-2024-53987 | unknown | — | — | | | | 2y ago | rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used wi… |
| CVE-2024-53988 | unknown | — | — | | | | 2y ago | rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used wi… |
| CVE-2024-53989 | unknown | — | — | | | | 2y ago | rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. There is a possible XSS vulnerability with certain configurations of Rails::HTML::Sanitizer 1.6.0 when used wi… |
| CVE-2018-3741 | unknown | — | — | | | | 8y ago | There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specia… |