Sha256: 760ded196f0c6f436ded97d89616c161104039ed633f09ffb1977620bf44b767
Contents?: true
Size: 725 Bytes
Versions: 1
Compression:
Stored size: 725 Bytes
Contents
--- url: http://www.osvdb.org/show/osvdb/79727 title: Ruby on Rails actionpack/lib/action_view/helpers/form_options_helper.rb Manually Generated Select Tag Options XSS description: > Ruby on Rails contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate manually generated 'select tag options' upon submission to actionpack/lib/action_view/helpers/form_options_helper.rb. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user's browser within the trust relationship between their browser and the server. cvss_v2: 4.3 patched_versions: - ~> 3.0.12 - ~> 3.1.4 - ">= 3.2.2"
Version data entries
1 entries across 1 versions & 1 rubygems
| Version | Path |
|---|---|
| bundler-audit-0.1.1 | data/bundler/audit/rails/2012-1099.yml |