Sha256: bcec173de8ac26c8d749ca7f9b3fd95fe5eacb40ecda2a4572527feeea86bad4

Contents?: true

Size: 627 Bytes

Versions: 6

Compression:

Stored size: 627 Bytes

Contents

---
gem: actionpack
framework: rails
cve: 2013-4491
osvdb: 100528
url: https://groups.google.com/forum/#!topic/ruby-security-ann/pLrh6DUw998
title: Reflective XSS Vulnerability in Ruby on Rails
date: 2013-12-03

description: |
  There is a vulnerability in the internationalization component of Ruby on
  Rails. Under certain common configurations an attacker can provide specially
  crafted input which will execute a reflective XSS attack.

  The root cause of this issue is a vulnerability in the i18n gem which has
  been assigned the identifier CVE-2013-4492.

cvss_v2: 4.3

patched_versions:
  - ~> 3.2.16
  - ">= 4.0.2"

Version data entries

6 entries across 6 versions & 2 rubygems

Version Path
bundler-audit-0.7.0.1 data/ruby-advisory-db/gems/actionpack/OSVDB-100528.yml
bundler-budit-0.6.2 data/ruby-advisory-db/gems/actionpack/OSVDB-100528.yml
bundler-budit-0.6.1 data/ruby-advisory-db/gems/actionpack/OSVDB-100528.yml
bundler-audit-0.6.1 data/ruby-advisory-db/gems/actionpack/OSVDB-100528.yml
bundler-audit-0.6.0 data/ruby-advisory-db/gems/actionpack/OSVDB-100528.yml
bundler-audit-0.5.0 data/ruby-advisory-db/gems/actionpack/OSVDB-100528.yml