Html Sanitizer Ruby on Rails Html Sanitizer

Do you want an email whenever new security vulnerabilities are reported in Ruby on Rails Html Sanitizer?

By the Year

In 2022 there have been 0 vulnerabilities in Ruby on Rails Html Sanitizer . Html Sanitizer did not have any published security vulnerabilities last year.

Year Vulnerabilities Average Score
2022 0 0.00
2021 0 0.00
2020 0 0.00
2019 0 0.00
2018 1 6.10

It may take a day or so for new Html Sanitizer vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Ruby on Rails Html Sanitizer Security Vulnerabilities

There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby

CVE-2018-3741 6.1 - Medium - March 30, 2018

There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications. This issue is similar to CVE-2018-8048 in Loofah. All users running an affected release should either upgrade or use one of the workarounds immediately.

XSS

Stay on top of Security Vulnerabilities

Want an email whenever new vulnerabilities are published for Ruby on Rails Html Sanitizer or by Ruby on Rails? Click the Watch button to subscribe.

subscribe