Ruby on Rails Multple Cross Site Scripting Vulnerabilities

Bugtraq ID: 52264
Class: Input Validation Error
CVE: CVE-2012-1098
CVE-2012-1099
Remote: Yes
Local: No
Published: Mar 02 2012 12:00AM
Updated: Apr 16 2015 06:12PM
Credit: Akira Matsuda and Sergey Nartimov
Vulnerable: Ruby on Rails Ruby on Rails 3.1.2
Ruby on Rails Ruby on Rails 3.0.11
Ruby on Rails Ruby on Rails 3.0.6
Ruby on Rails Ruby on Rails 3.0.5
Ruby on Rails Ruby on Rails 3.0.4
Ruby on Rails Ruby on Rails 3.0.3
Ruby on Rails Ruby on Rails 3.0.2
Ruby on Rails Ruby on Rails 3.0.1
Ruby on Rails Ruby on Rails 3.0
Ruby on Rails Ruby on Rails 2.3.11
Ruby on Rails Ruby on Rails 2.3.10
Ruby on Rails Ruby on Rails 2.3.9
Ruby on Rails Ruby on Rails 2.3.5
Ruby on Rails Ruby on Rails 2.3.4
Ruby on Rails Ruby on Rails 2.3.3
Ruby on Rails Ruby on Rails 2.3.2
Ruby on Rails Ruby on Rails 2.2.3
Ruby on Rails Ruby on Rails 2.2.2
Ruby on Rails Ruby on Rails 2.1.1
Ruby on Rails Ruby on Rails 2.1
Ruby on Rails Ruby on Rails 2.0.5
Ruby on Rails Ruby on Rails 2.0.4
Ruby on Rails Ruby on Rails 2.0
Ruby on Rails Ruby on Rails 1.2.6
Ruby on Rails Ruby on Rails 1.2.5
Ruby on Rails Ruby on Rails 1.2.3
Ruby on Rails Ruby on Rails 1.1.6
Ruby on Rails Ruby on Rails 1.1.5
Ruby on Rails Ruby on Rails 1.1.4
Ruby on Rails Ruby on Rails 1.1.3
Ruby on Rails Ruby on Rails 1.1.2
Ruby on Rails Ruby on Rails 1.1.1
Ruby on Rails Ruby on Rails 1.1
Ruby on Rails Ruby on Rails 3.1.0.rc6
Ruby on Rails Ruby on Rails 3.1.0.rc5
Ruby on Rails Ruby on Rails 3.0.8
Ruby on Rails Ruby on Rails 3.0.7
Ruby on Rails Ruby on Rails 3.0.10
Ruby on Rails Ruby on Rails 2.3.13
Ruby on Rails Ruby on Rails 2.3.12
Ruby on Rails Ruby on Rails 1.0
Ruby on Rails Ruby on Rails 0.14
Ruby on Rails Ruby on Rails 0.13
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable: Ruby on Rails Ruby on Rails 3.2.2
Ruby on Rails Ruby on Rails 3.1.4
Ruby on Rails Ruby on Rails 3.0.12


 

Privacy Statement
Copyright 2010, SecurityFocus