Ruby on Rails Html Sanitizer
By the Year
In 2023 there have been 0 vulnerabilities in Ruby on Rails Html Sanitizer . Html Sanitizer did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 1 | 6.10 |
It may take a day or so for new Html Sanitizer vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Ruby on Rails Html Sanitizer Security Vulnerabilities
There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby
CVE-2018-3741
6.1 - Medium
- March 30, 2018
There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications. This issue is similar to CVE-2018-8048 in Loofah. All users running an affected release should either upgrade or use one of the workarounds immediately.
XSS
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Ruby on Rails Html Sanitizer or by Ruby on Rails? Click the Watch button to subscribe.
