Skip to content
GitLab
Menu
Projects
Groups
Snippets
Help
Help
Support
Community forum
Keyboard shortcuts
?
Submit feedback
Contribute to GitLab
Sign in
Toggle navigation
Menu
Open sidebar
Steve Wills
ruby-advisory-db
Commits
3fe10df4
Commit
3fe10df4
authored
Dec 03, 2013
by
Postmodern
Browse files
Added an advisory for actionpack's CVE-2013-4491.
parent
2f4e0a09
Changes
1
Hide whitespace changes
Inline
Side-by-side
gems/actionpack/CVE-2013-4491.yml
0 → 100644
View file @
3fe10df4
---
gem
:
actionpack
framework
:
rails
cve
:
2013-4491
osvdb
:
url
:
https://groups.google.com/forum/#!topic/ruby-security-ann/pLrh6DUw998
title
:
Reflective XSS Vulnerability in Ruby on Rails
date
:
2013-12-03
description
:
|
There is a vulnerability in the internationalization component of Ruby on
Rails. Under certain common configurations an attacker can provide specially
crafted input which will execute a reflective XSS attack.
The root cause of this issue is a vulnerability in the i18n gem which has
been assigned the identifier CVE-2013-4492.
cvss_v2
:
patched_versions
:
-
~> 3.2.16
-
"
>=
4.0.2"
Write
Preview
Supports
Markdown
0%
Try again
or
attach a new file
.
Attach a file
Cancel
You are about to add
0
people
to the discussion. Proceed with caution.
Finish editing this message first!
Cancel
Please
register
or
sign in
to comment
