Ruby on Rails 'NumberHelper' Module Multiple Cross Site Scripting Vulnerabilities

Bugtraq ID: 65647
Class: Input Validation Error
CVE: CVE-2014-0081
Remote: Yes
Local: No
Published: Feb 18 2014 12:00AM
Updated: Apr 13 2015 09:42PM
Credit: Kevin Reintjes
Vulnerable: SuSE Studio Onsite 1.3
SuSE Linux Enterprise Server 11 SP1 LTSS
S.u.S.E. openSUSE 13.1
S.u.S.E. openSUSE 12.3
Ruby on Rails Ruby on Rails 4.0.2
Ruby on Rails Ruby on Rails 4.0.1
Ruby on Rails Ruby on Rails 4.0
Ruby on Rails Ruby on Rails 3.2.13
Ruby on Rails Ruby on Rails 3.2.12
Ruby on Rails Ruby on Rails 3.2.11
Ruby on Rails Ruby on Rails 3.2.10
Ruby on Rails Ruby on Rails 3.1.12
Ruby on Rails Ruby on Rails 3.1.11
Ruby on Rails Ruby on Rails 3.1.9
Ruby on Rails Ruby on Rails 3.1.8
Ruby on Rails Ruby on Rails 3.1.7
Ruby on Rails Ruby on Rails 3.1.6
Ruby on Rails Ruby on Rails 3.1.5
Ruby on Rails Ruby on Rails 3.1.4
Ruby on Rails Ruby on Rails 3.1.2
Ruby on Rails Ruby on Rails 3.1
Ruby on Rails Ruby on Rails 3.0.20
Ruby on Rails Ruby on Rails 3.0.19
Ruby on Rails Ruby on Rails 3.0.18
Ruby on Rails Ruby on Rails 3.0.17
Ruby on Rails Ruby on Rails 3.0.16
Ruby on Rails Ruby on Rails 3.0.14
Ruby on Rails Ruby on Rails 3.0.13
Ruby on Rails Ruby on Rails 3.0.12
Ruby on Rails Ruby on Rails 3.0.11
Ruby on Rails Ruby on Rails 3.0.6
Ruby on Rails Ruby on Rails 3.0.5
Ruby on Rails Ruby on Rails 3.0.4
Ruby on Rails Ruby on Rails 3.0.3
Ruby on Rails Ruby on Rails 3.0.2
Ruby on Rails Ruby on Rails 3.0.1
Ruby on Rails Ruby on Rails 3.0
Ruby on Rails Ruby on Rails 2.3.18
Ruby on Rails Ruby on Rails 2.3.17
Ruby on Rails Ruby on Rails 2.3.16
Ruby on Rails Ruby on Rails 2.3.15
Ruby on Rails Ruby on Rails 2.3.11
Ruby on Rails Ruby on Rails 2.3.10
Ruby on Rails Ruby on Rails 2.3.9
Ruby on Rails Ruby on Rails 2.3.5
Ruby on Rails Ruby on Rails 2.3.4
Ruby on Rails Ruby on Rails 2.3.3
Ruby on Rails Ruby on Rails 2.3.2
Ruby on Rails Ruby on Rails 2.2.3
Ruby on Rails Ruby on Rails 2.2.2
Ruby on Rails Ruby on Rails 2.1.3
Ruby on Rails Ruby on Rails 2.1.1
Ruby on Rails Ruby on Rails 2.1
Ruby on Rails Ruby on Rails 2.0.5
Ruby on Rails Ruby on Rails 2.0.4
Ruby on Rails Ruby on Rails 2.0
Ruby on Rails Ruby on Rails 1.5.4
Ruby on Rails Ruby on Rails 1.5.3
Ruby on Rails Ruby on Rails 1.2.6
Ruby on Rails Ruby on Rails 1.2.5
Ruby on Rails Ruby on Rails 1.2.3
Ruby on Rails Ruby on Rails 1.1.6
Ruby on Rails Ruby on Rails 1.1.5
Ruby on Rails Ruby on Rails 1.1.4
Ruby on Rails Ruby on Rails 1.1.3
Ruby on Rails Ruby on Rails 1.1.2
Ruby on Rails Ruby on Rails 1.1.1
Ruby on Rails Ruby on Rails 1.1
Ruby on Rails Ruby on Rails 3.2.16
Ruby on Rails Ruby on Rails 3.2.15
Ruby on Rails Ruby on Rails 3.2
Ruby on Rails Ruby on Rails 3.1.0.rc6
Ruby on Rails Ruby on Rails 3.1.0.rc5
Ruby on Rails Ruby on Rails 3.0.8
Ruby on Rails Ruby on Rails 3.0.7
Ruby on Rails Ruby on Rails 3.0.10
Ruby on Rails Ruby on Rails 2.3.14
Ruby on Rails Ruby on Rails 2.3.13
Ruby on Rails Ruby on Rails 2.3.12
Ruby on Rails Ruby on Rails 1.0
Ruby on Rails Ruby on Rails 0.14
Ruby on Rails Ruby on Rails 0.13
Redhat Software Collections 1 for RHEL 6 0
Redhat CloudForms 3.0
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
CentOS CentOS 6
Not Vulnerable: Ruby on Rails Ruby on Rails 4.1 rc1
Ruby on Rails Ruby on Rails 4.0.3
Ruby on Rails Ruby on Rails 3.2.17


 

Copyright 2010, SecurityFocus