Sha256: 7f6d6bf2752c856480e4049d1754d95c085e820ca70e3f29e241881a3555b39e

Contents?: true

Size: 626 Bytes

Versions: 3

Compression:

Stored size: 626 Bytes

Contents

---
gem: actionpack
framework: rails
cve: 2013-4491
osvdb: 100528
url: https://groups.google.com/forum/#!topic/ruby-security-ann/pLrh6DUw998
title: Reflective XSS Vulnerability in Ruby on Rails
date: 2013-12-03

description: |
  There is a vulnerability in the internationalization component of Ruby on
  Rails. Under certain common configurations an attacker can provide specially
  crafted input which will execute a reflective XSS attack.
  
  The root cause of this issue is a vulnerability in the i18n gem which has
  been assigned the identifier CVE-2013-4492.

cvss_v2: 

patched_versions:
  - ~> 3.2.16
  - ">= 4.0.2"

Version data entries

3 entries across 3 versions & 2 rubygems

Version Path
bundler-audit-0.4.0 data/ruby-advisory-db/gems/actionpack/OSVDB-100528.yml
bundler-audit-0.3.1 data/ruby-advisory-db/gems/actionpack/OSVDB-100528.yml
mrjoy-bundler-audit-0.3.3 data/ruby-advisory-db/gems/actionpack/OSVDB-100528.yml