Ruby on Rails 'sanitize_css()' Method CVE-2013-1855 Cross Site Scripting Vulnerability

Bugtraq ID: 58552
Class: Input Validation Error
CVE: CVE-2013-1855
Remote: Yes
Local: No
Published: Mar 18 2013 12:00AM
Updated: Dec 16 2014 07:58AM
Credit: Charlie Somerville
Vulnerable: Ruby on Rails Ruby on Rails 3.2.4
Ruby on Rails Ruby on Rails 3.2.2
Ruby on Rails Ruby on Rails 3.1.5
Ruby on Rails Ruby on Rails 3.1.4
Ruby on Rails Ruby on Rails 3.1.2
Ruby on Rails Ruby on Rails 2.3.11
Ruby on Rails Ruby on Rails 2.3.10
Ruby on Rails Ruby on Rails 2.3.9
Ruby on Rails Ruby on Rails 2.3.5
Ruby on Rails Ruby on Rails 2.3.4
Ruby on Rails Ruby on Rails 2.3.3
Ruby on Rails Ruby on Rails 2.3.2
Ruby on Rails Ruby on Rails 3.1.0.rc6
Ruby on Rails Ruby on Rails 3.1.0.rc5
Ruby on Rails Ruby on Rails 2.3.14
Ruby on Rails Ruby on Rails 2.3.13
Ruby on Rails Ruby on Rails 2.3.12
Red Hat Fedora 17
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Apple Mac Os X Server 10.7.4
Apple Mac Os X Server 10.7.3
Apple Mac Os X Server 10.7.1
Apple Mac Os X Server 10.7
Apple Mac Os X Server 10.6.8
Apple Mac Os X 10.7.4
Apple Mac Os X 10.7.3
Apple Mac Os X 10.7.2
Apple Mac Os X 10.7.1
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus