Cross-site scripting (XSS) vulnerability in rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x

Cross-site scripting (XSS) vulnerability in rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x

CVE-2015-7578 · MEDIUM Severity

AV:N/AC:M/AU:N/C:N/I:P/A:N

Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes.

Learn more about our Web App Pen Testing.