Moderate severity vulnerability that affects rails-html-sanitizer

Withdrawn, accidental duplicate publish.

Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes.

Published: Sep 17, 2018
Updated: Apr 14, 2023
GHSA: GHSA-qc8j-m8j3-rjq6
Severity: Medium
Exploit:

No technical information available.

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
rails-html-sanitizer	-	1.0.3

No references available.

Vulnerability Database

290,020

Moderate severity vulnerability that affects rails-html-sanitizer