Moderate severity vulnerability that affects rails-html-sanitizer

Withdrawn, accidental duplicate publish.

Cross-site scripting (XSS) vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node.

Published: Sep 17, 2018
Updated: Apr 14, 2023
GHSA: GHSA-77pc-q5q7-qg9h
Severity: Medium
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
rails-html-sanitizer	-	1.0.3

No references available.

Vulnerability Database

290,020

Moderate severity vulnerability that affects rails-html-sanitizer