Skip to content

Commit

Permalink
Improve GHSA-h835-75hw-pj89
Browse files Browse the repository at this point in the history
  • Loading branch information
@levpachmanov
levpachmanov committed Jan 21, 2025
1 parent c3c5b27 commit 1cb8a02
Showing 1 changed file with 12 additions and 13 deletions.
25 changes: 12 additions & 13 deletions advisories/github-reviewed/2017/10/GHSA-h835-75hw-pj89/GHSA-h835-75hw-pj89.json
View file
Original file line number Diff line number Diff line change
@@ -1,14 +1,16 @@
{
"schema_version": "1.4.0",
"id": "GHSA-h835-75hw-pj89",
"modified": "2025-01-21T15:18:40Z",
"modified": "2025-01-21T15:19:01Z",
"published": "2017-10-24T18:33:37Z",
"aliases": [
"CVE-2012-3464"
],
"summary": "activesupport Cross-site Scripting vulnerability",
"details": "Cross-site scripting (XSS) vulnerability in `activesupport/lib/active_support/core_ext/string/output_safety.rb` in Ruby on Rails before 2.3.16, 3.0.x before , 3.1.x before 3.1.8, and 3.2.x before 3.2.8 might allow remote attackers to inject arbitrary web script or HTML via vectors involving a ' (quote) character.",
"severity": [],
"severity": [

],
"affected": [
{
"package": {
Expand All @@ -20,10 +22,10 @@
"type": "ECOSYSTEM",
"events": [
{
"introduced": "3.0.0.beta"
"introduced": "3.1.0"
},
{
"fixed": "3.0.17"
"fixed": "3.1.8"
}
]
}
Expand All @@ -39,10 +41,10 @@
"type": "ECOSYSTEM",
"events": [
{
"introduced": "3.1.0"
"introduced": "3.2.0"
},
{
"fixed": "3.1.8"
"fixed": "3.2.8"
}
]
}
Expand All @@ -58,10 +60,10 @@
"type": "ECOSYSTEM",
"events": [
{
"introduced": "3.2.0"
"introduced": "3.0.0.beta"
},
{
"fixed": "3.2.8"
"fixed": "3.0.17"
}
]
}
Expand All @@ -80,14 +82,11 @@
"introduced": "0"
},
{
"fixed": "3.0.17"
"fixed": "2.3.16"
}
]
}
],
"database_specific": {
"last_known_affected_version_range": "< 2.3.16"
}
]
}
],
"references": [
Expand Down

0 comments on commit 1cb8a02

Please sign in to comment.