CVE-2013-1857
Date: (C) 2013-03-20   (M) 2024-02-22


The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle encoded : (colon) characters in URLs, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted scheme name, as demonstrated by including a : sequence.

CVSS Score and Metrics

CVSS V2 Severity:
CVSS Score : 4.3
Exploit Score: 8.6
Impact Score: 2.9
CVSS V2 Metrics:
Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality: NONE
Integrity: PARTIAL
Availability: NONE
Reference:
APPLE-SA-2013-06-04-1
APPLE-SA-2013-10-22-5
RHSA-2013:0698
RHSA-2014:1863
https://groups.google.com/group/rubyonrails-security/msg/78b9817a5943f6d6?dmode=source&output=gplain
http://support.apple.com/kb/HT5784
http://weblog.rubyonrails.org/2013/3/18/SEC-ANN-Rails-3-2-13-3-1-12-and-2-3-18-have-been-released/
openSUSE-SU-2013:0661
openSUSE-SU-2013:0662
openSUSE-SU-2014:0019

CPE (13)
cpe:/a:rubyonrails:rails:1.2.4
cpe:/a:rubyonrails:ruby_on_rails:0.9.0
cpe:/a:rubyonrails:ruby_on_rails:0.5.5
cpe:/a:rubyonrails:ruby_on_rails:0.5.6
...
CWE (1)
CWE-79
OVAL (5)
oval:org.secpod.oval:def:14173
oval:org.secpod.oval:def:601000
oval:org.secpod.oval:def:104782
oval:org.secpod.oval:def:104778
...

© SecPod Technologies