CVE-2024-53989 | rails-html-sanitizer up to 1.6.0 Rails::HTML::Sanitizer cross site scripting (GHSA-rxv5-gxqc-xx8g)

Posted by Angelo Barbosa | Dec 2, 2024 | CVE

A vulnerability classified as problematic was found in rails-html-sanitizer up to 1.6.0. This vulnerability affects the function Rails::HTML::Sanitizer. The manipulation leads to cross site scripting.

This vulnerability was named CVE-2024-53989. The attack can be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-53989 | rails-html-sanitizer up to 1.6.0 Rails::HTML::Sanitizer cross site scripting (GHSA-rxv5-gxqc-xx8g)

Related Posts

CVE-2024-33063 | Qualcomm Snapdragon Auto up to X75 5G Modem-RF System ML IE Parser integer overflow

CVE-2024-6444 | zephyrproject-rtos Zephyr up to 3.6 ots_client.c olcp_ind_handler heap-based overflow

CVE-2024-39381 | Adobe After Effects AVI File Parser out-of-bounds write (ZDI-24-1202)

CVE-2024-43398 | rexml Gem up to 3.3.5 on Ruby API Parser REXML::Document.new xml entity expansion