CVE-2026-33168 | rails actionview prior 7.2.3.1/8.0.4.1/8.1.2.1 Attribute cross site scripting (GHSA-v55j-83pf-r9cq)

Inserito da Angelo Barbosa | Mar 24, 2026 | CVE

A vulnerability labeled as problematic has been found in rails actionview. The impacted element is an unknown function of the component Attribute Handler. The manipulation results in cross site scripting.

This vulnerability is identified as CVE-2026-33168. The attack can be executed remotely. There is not any exploit available.

The affected component should be upgraded.

CVE-2026-33168 | rails actionview prior 7.2.3.1/8.0.4.1/8.1.2.1 Attribute cross site scripting (GHSA-v55j-83pf-r9cq)

Post correlati

CVE-2025-41358 | i2A CronosWeb prior 25.00.00.12 AdjuntarDocumentosPersonas documentCode authorization

CVE-2024-33342 | D-Link DIR-822+ 1.0.5 prog.cgi SetPlcNetworkpwd command injection

CVE-2026-23983 | Apache Superset up to 5.x Tag Endpoint information disclosure

CVE-2025-6239 | Zoho ManageEngine Applications Manager up to 176800 File Monitor information disclosure