Sha256: 4d6b703700a4dc415f0a565aad2a0e8666cb4d78490893067bc2b24373d10370

Contents?: true

Size: 462 Bytes

Versions: 9

Compression:

Stored size: 462 Bytes

Contents

--- 
gem: actionpack
framework: rails
cve: 2013-1855
osvdb: 91452
url: http://www.osvdb.org/show/osvdb/91452
title: XSS vulnerability in sanitize_css in Action Pack
date: 2013-03-19

description: | 
  There is an XSS vulnerability in the `sanitize_css` method in Action
  Pack. Carefully crafted text can bypass the sanitization provided in
  the `sanitize_css` method in Action Pack

cvss_v2: 4.0

patched_versions: 
  - ~> 2.3.18
  - ~> 3.1.12
  - ">= 3.2.13"

Version data entries

9 entries across 9 versions & 2 rubygems

Version Path
bundler-audit-0.4.0 data/ruby-advisory-db/gems/actionpack/OSVDB-91452.yml
bundler-audit-0.3.1 data/ruby-advisory-db/gems/actionpack/OSVDB-91452.yml
mrjoy-bundler-audit-0.3.3 data/ruby-advisory-db/gems/actionpack/OSVDB-91452.yml
mrjoy-bundler-audit-0.3.2 data/ruby-advisory-db/gems/actionpack/OSVDB-91452.yml
mrjoy-bundler-audit-0.3.1 data/ruby-advisory-db/gems/actionpack/OSVDB-91452.yml
bundler-audit-0.3.0 data/ruby-advisory-db/gems/actionpack/OSVDB-91452.yml
mrjoy-bundler-audit-0.2.1 data/ruby-advisory-db/gems/actionpack/OSVDB-91452.yml
bundler-audit-0.2.0 data/ruby-advisory-db/gems/actionpack/OSVDB-91452.yml
mrjoy-bundler-audit-0.1.4 data/ruby-advisory-db/gems/actionpack/OSVDB-91452.yml