Actionpack Security Vulnerabilities

CVE-2023-22797

An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions, the developer was fully responsible for only providing trusted input. However, the check introduced could allow an attacker...

CVSS: 6.1

AI Score: 5.9

EPSS: 0.001

2023-02-09 08:15 PM

CVE-2022-27777

An XSS vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific...

CVSS: 6.1

AI Score: 5.8

EPSS: 0.001

2022-05-26 05:15 PM

CVE-2022-22577

An XSS vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non-HTML-like...

CVSS: 6.1

AI Score: 5.9

EPSS: 0.005

2022-05-26 05:15 PM