Vulnerability-Lookup

CVE-2015-7578 (GCVE-0-2015-7578)

Vulnerability from cvelistv5 – Published: 2016-02-16 02:00 – Updated: 2024-08-06 07:51

Summary

Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes.

Severity ?

No CVSS data available.

CWE

Assigner

redhat

References

URL

CNVD-2016-00964

Vulnerability from cnvd - Published: 2016-02-16

Title

Ruby on Rails rails-html-sanitizer跨站脚本漏洞（CNVD-2016-00964）

Description

Ruby on Rails是Rails核心团队开发维护的一套基于Ruby语言的开源Web应用框架。rails-html-sanitizer是其中的一个HTML代码清理包。 Ruby on Rails rails-html-sanitizer存在跨站脚本漏洞,允许远程攻击者利用漏洞注入恶意脚本或HTML代码，当恶意数据被查看时，可获取敏感信息或劫持用户会话。

Severity

中

Patch Name

Ruby on Rails rails-html-sanitizer跨站脚本漏洞（CNVD-2016-00964）的补丁

Patch Description

Formal description

用户可参考如下厂商提供的安全补丁以修复该漏洞： http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/

Reference

http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/

Impacted products

Name
Ruby on Rails Ruby on Rails

Show details on source website

JSON

To clipboard

{
  "bids": {
    "bid": {
      "bidNumber": "81802"
    }
  },
  "cves": {
    "cve": {
      "cveNumber": "CVE-2015-7578"
    }
  },
  "description": "Ruby on Rails\u662fRails\u6838\u5fc3\u56e2\u961f\u5f00\u53d1\u7ef4\u62a4\u7684\u4e00\u5957\u57fa\u4e8eRuby\u8bed\u8a00\u7684\u5f00\u6e90Web\u5e94\u7528\u6846\u67b6\u3002rails-html-sanitizer\u662f\u5176\u4e2d\u7684\u4e00\u4e2aHTML\u4ee3\u7801\u6e05\u7406\u5305\u3002\r\n\r\nRuby on Rails rails-html-sanitizer\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e,\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u6ce8\u5165\u6076\u610f\u811a\u672c\u6216HTML\u4ee3\u7801\uff0c\u5f53\u6076\u610f\u6570\u636e\u88ab\u67e5\u770b\u65f6\uff0c\u53ef\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u6216\u52ab\u6301\u7528\u6237\u4f1a\u8bdd\u3002",
  "discovererName": "Ben Murphy, Marien, Arnaud Germis, Nate Clark and John Colvin",
  "formalWay": "\u7528\u6237\u53ef\u53c2\u8003\u5982\u4e0b\u5382\u5546\u63d0\u4f9b\u7684\u5b89\u5168\u8865\u4e01\u4ee5\u4fee\u590d\u8be5\u6f0f\u6d1e\uff1a\r\nhttp://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2016-00964",
  "openTime": "2016-02-16",
  "patchDescription": "Ruby on Rails\u662fRails\u6838\u5fc3\u56e2\u961f\u5f00\u53d1\u7ef4\u62a4\u7684\u4e00\u5957\u57fa\u4e8eRuby\u8bed\u8a00\u7684\u5f00\u6e90Web\u5e94\u7528\u6846\u67b6\u3002rails-html-sanitizer\u662f\u5176\u4e2d\u7684\u4e00\u4e2aHTML\u4ee3\u7801\u6e05\u7406\u5305\u3002\r\n\r\nRuby on Rails rails-html-sanitizer\u5b58\u5728\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e,\u5141\u8bb8\u8fdc\u7a0b\u653b\u51fb\u8005\u5229\u7528\u6f0f\u6d1e\u6ce8\u5165\u6076\u610f\u811a\u672c\u6216HTML\u4ee3\u7801\uff0c\u5f53\u6076\u610f\u6570\u636e\u88ab\u67e5\u770b\u65f6\uff0c\u53ef\u83b7\u53d6\u654f\u611f\u4fe1\u606f\u6216\u52ab\u6301\u7528\u6237\u4f1a\u8bdd\u3002\u76ee\u524d\uff0c\u4f9b\u5e94\u5546\u53d1\u5e03\u4e86\u5b89\u5168\u516c\u544a\u53ca\u76f8\u5173\u8865\u4e01\u4fe1\u606f\uff0c\u4fee\u590d\u4e86\u6b64\u6f0f\u6d1e\u3002",
  "patchName": "Ruby on Rails rails-html-sanitizer\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2016-00964\uff09\u7684\u8865\u4e01",
  "products": {
    "product": "Ruby on Rails Ruby on Rails"
  },
  "referenceLink": "http://weblog.rubyonrails.org/2016/1/25/Rails-5-0-0-beta1-1-4-2-5-1-4-1-14-1-3-2-22-1-and-rails-html-sanitizer-1-0-3-have-been-released/",
  "serverity": "\u4e2d",
  "submitTime": "2016-02-08",
  "title": "Ruby on Rails rails-html-sanitizer\u8de8\u7ad9\u811a\u672c\u6f0f\u6d1e\uff08CNVD-2016-00964\uff09"
}

CERTFR-2016-AVI-037

Vulnerability from certfr_avis - Published: 2016-01-26 - Updated: 2016-01-26

De multiples vulnérabilités ont été corrigées dans Ruby On Rails. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, un contournement de la politique de sécurité et une atteinte à l'intégrité des données.

Solution

Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).

None

Impacted products

Vendor	Product	Description
Ruby on Rails	Ruby on Rails	Ruby on Rails versions 4.1.x antérieures à 4.1.14.1
Ruby on Rails	Ruby on Rails	Ruby on Rails versions 4.2.x antérieures à 4.2.5.1
Ruby on Rails	Ruby on Rails	Ruby on Rails versions 5.0.x antérieures à 5.0.0.beta1.1
Ruby on Rails	Ruby on Rails	Ruby on Rails versions 3.2.x antérieures à 3.2.22.1

References

Title

Publication Time

FKIE_CVE-2015-7578

Vulnerability from fkie_nvd - Published: 2016-02-16 02:59 - Updated: 2025-04-12 10:46

Severity ?

6.1 (Medium) - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Summary

References

	URL	Tags
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178046.html
	secalert@redhat.com	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178064.html
	secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00014.html
	secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00024.html
	secalert@redhat.com	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html
	secalert@redhat.com	http://www.openwall.com/lists/oss-security/2016/01/25/11
	secalert@redhat.com	http://www.securitytracker.com/id/1034816
	secalert@redhat.com	https://github.com/rails/rails-html-sanitizer/commit/297161e29a3e11186ce4c02bf7defc088bf544d4
	secalert@redhat.com	https://groups.google.com/forum/message/raw?msg=ruby-security-ann/uh--W4TDwmI/ygHE7hlZEgAJ
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178046.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178064.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00014.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00024.html
	af854a3a-2127-422b-91ae-364da2661108	http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html
	af854a3a-2127-422b-91ae-364da2661108	http://www.openwall.com/lists/oss-security/2016/01/25/11
	af854a3a-2127-422b-91ae-364da2661108	http://www.securitytracker.com/id/1034816
	af854a3a-2127-422b-91ae-364da2661108	https://github.com/rails/rails-html-sanitizer/commit/297161e29a3e11186ce4c02bf7defc088bf544d4
	af854a3a-2127-422b-91ae-364da2661108	https://groups.google.com/forum/message/raw?msg=ruby-security-ann/uh--W4TDwmI/ygHE7hlZEgAJ

Impacted products

Vendor	Product	Version
rubyonrails	html_sanitizer	*
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.0
rubyonrails	rails	4.2.1
rubyonrails	rails	4.2.1
rubyonrails	rails	4.2.1
rubyonrails	rails	4.2.1
rubyonrails	rails	4.2.1
rubyonrails	rails	4.2.2
rubyonrails	rails	4.2.3
rubyonrails	rails	4.2.3
rubyonrails	rails	4.2.4
rubyonrails	rails	4.2.4
rubyonrails	rails	4.2.5
rubyonrails	rails	4.2.5
rubyonrails	rails	4.2.5
rubyonrails	rails	4.2.5.1
rubyonrails	rails	4.2.5.2
rubyonrails	rails	4.2.6
rubyonrails	rails	5.0.0
rubyonrails	rails	5.0.0
rubyonrails	rails	5.0.0
rubyonrails	rails	5.0.0

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rubyonrails:html_sanitizer:*:*:*:*:*:ruby:*:*",
              "matchCriteriaId": "4CBB3D93-016A-43CA-9325-3F5D58DD4FD4",
              "versionEndIncluding": "1.0.2",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9A68D41F-36A9-4B77-814D-996F4E48FA79",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "709A19A5-8FD1-4F9C-A38C-F06242A94D68",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "8104482C-E8F5-40A7-8B27-234FEF725FD0",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "2CFF8677-EA00-4F7E-BFF9-272482206DB5",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta4:*:*:*:*:*:*",
              "matchCriteriaId": "8D7DF5CD-DA28-492D-B5EE-D252ECCC8D96",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "85435026-9855-4BF4-A436-832628B005FD",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "56C2308F-A590-47B0-9791-7865D189196F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "9A266882-DABA-4A4C-88E6-60E993EE0947",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "83F1142C-3BFB-4B72-A033-81E20DB19D02",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "1FA738A1-227B-4665-B65E-666883FFAE96",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "6F00718C-A9E8-4E85-8DA6-33BF11F2DCCE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc3:*:*:*:*:*:*",
              "matchCriteriaId": "10789A2D-6401-4119-BFBE-2EE4C16216D3",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc4:*:*:*:*:*:*",
              "matchCriteriaId": "70ABD462-7142-4831-8EB6-801EC1D05573",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "81D717DB-7C80-48AA-A774-E291D2E75D6E",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "06B357FB-0307-4EFA-9C5B-3C2CDEA48584",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.3:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "E4BD8840-0F1C-49D3-B843-9CFE64948018",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "79D5B492-43F9-470F-BD21-6EFD93E78453",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.4:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "4EC1F602-D48C-458A-A063-4050BE3BB25F",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "F6A1C015-56AD-489C-B301-68CF1DBF1BEF",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "FD191625-ACE2-46B6-9AAD-12D682C732C2",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5:rc2:*:*:*:*:*:*",
              "matchCriteriaId": "02C7DB56-267B-4057-A9BA-36D1E58C6282",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC163D49-691B-4125-A983-6CF6F6D86DEE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.5.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "68B537D1-1584-4D15-9C75-08ED4D45DC3A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:4.2.6:rc1:*:*:*:*:*:*",
              "matchCriteriaId": "1E3B4233-E117-4E77-A60D-3DFD5073154D",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:5.0.0:beta1:*:*:*:*:*:*",
              "matchCriteriaId": "AF8F94CF-D504-4165-A69E-3F1198CB162A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:5.0.0:beta1.1:*:*:*:*:*:*",
              "matchCriteriaId": "C8C25977-AB6C-45E1-8956-871EB31B36BA",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:5.0.0:beta2:*:*:*:*:*:*",
              "matchCriteriaId": "5F0AB6B0-3506-4332-A183-309FAC4882CE",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:a:rubyonrails:rails:5.0.0:beta3:*:*:*:*:*:*",
              "matchCriteriaId": "6D7B4EBC-B634-4AD7-9F7A-54D14821D5AE",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de XSS en la gema rails-html-sanitizer en versiones anteriores a 1.0.3 para Ruby on Rails 4.2.x y 5.x permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a trav\u00e9s de atributos de etiqueta manipulados."
    }
  ],
  "id": "CVE-2015-7578",
  "lastModified": "2025-04-12T10:46:40.837",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "NONE",
          "baseScore": 4.3,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": true
      }
    ],
    "cvssMetricV30": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "NONE",
          "baseScore": 6.1,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "LOW",
          "integrityImpact": "LOW",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "version": "3.0"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 2.7,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2016-02-16T02:59:02.047",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178046.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178064.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00014.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00024.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.openwall.com/lists/oss-security/2016/01/25/11"
    },
    {
      "source": "secalert@redhat.com",
      "url": "http://www.securitytracker.com/id/1034816"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://github.com/rails/rails-html-sanitizer/commit/297161e29a3e11186ce4c02bf7defc088bf544d4"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/uh--W4TDwmI/ygHE7hlZEgAJ"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178046.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178064.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00014.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00024.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.openwall.com/lists/oss-security/2016/01/25/11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securitytracker.com/id/1034816"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://github.com/rails/rails-html-sanitizer/commit/297161e29a3e11186ce4c02bf7defc088bf544d4"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/uh--W4TDwmI/ygHE7hlZEgAJ"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-79"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}

GSD-2015-7578

Vulnerability from gsd - Updated: 2016-01-25 00:00

Details

There is a possible XSS vulnerability in rails-html-sanitizer. This vulnerability has been assigned the CVE identifier CVE-2015-7578. Versions Affected: All. Not affected: None. Fixed Versions: 1.0.3 Impact ------ There is a possible XSS vulnerability in rails-html-sanitizer. Certain attributes are not removed from tags when they are sanitized, and these attributes can lead to an XSS attack on target applications. All users running an affected release should either upgrade or use one of the workarounds immediately. Releases -------- The FIXED releases are available at the normal locations. Workarounds ----------- There are no feasible workarounds for this issue. Patches ------- To aid users who aren't able to upgrade immediately we have provided patches for the two supported release series. They are in git-am format and consist of a single changeset. * 1-0-sanitize_data_attributes.patch - Patch for 1.0 series Credits ------- Thanks to Ben Murphy and Marien for reporting this.

Aliases

CVE-2015-7578

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-7578",
    "description": "Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes.",
    "id": "GSD-2015-7578",
    "references": [
      "https://www.suse.com/security/cve/CVE-2015-7578.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "affected": [
        {
          "package": {
            "ecosystem": "RubyGems",
            "name": "rails-html-sanitizer",
            "purl": "pkg:gem/rails-html-sanitizer"
          }
        }
      ],
      "aliases": [
        "CVE-2015-7578",
        "GHSA-59c7-4xj2-hgvw"
      ],
      "details": "There is a possible XSS vulnerability in rails-html-sanitizer. This\nvulnerability has been assigned the CVE identifier CVE-2015-7578.\n\nVersions Affected:  All.\nNot affected:       None.\nFixed Versions:     1.0.3\n\nImpact\n------\nThere is a possible XSS vulnerability in rails-html-sanitizer.  Certain\nattributes are not removed from tags when they are sanitized, and these\nattributes can lead to an XSS attack on target applications.\n\nAll users running an affected release should either upgrade or use one of the\nworkarounds immediately.\n\nReleases\n--------\nThe FIXED releases are available at the normal locations.\n\nWorkarounds\n-----------\nThere are no feasible workarounds for this issue.\n\nPatches\n-------\nTo aid users who aren\u0027t able to upgrade immediately we have provided patches for\nthe two supported release series. They are in git-am format and consist of a\nsingle changeset.\n\n* 1-0-sanitize_data_attributes.patch - Patch for 1.0 series\n\nCredits\n-------\nThanks to Ben Murphy and Marien for reporting this.\n",
      "id": "GSD-2015-7578",
      "modified": "2016-01-25T00:00:00.000Z",
      "published": "2016-01-25T00:00:00.000Z",
      "references": [
        {
          "type": "WEB",
          "url": "https://groups.google.com/forum/#!topic/rubyonrails-security/uh--W4TDwmI"
        }
      ],
      "schema_version": "1.4.0",
      "severity": [
        {
          "score": 6.1,
          "type": "CVSS_V3"
        }
      ],
      "summary": "Possible XSS vulnerability in rails-html-sanitizer"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2015-7578",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "FEDORA-2016-3a2606f993",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178046.html"
          },
          {
            "name": "[oss-security] 20160125 [CVE-2015-7578] Possible XSS vulnerability in rails-html-sanitizer",
            "refsource": "MLIST",
            "url": "http://www.openwall.com/lists/oss-security/2016/01/25/11"
          },
          {
            "name": "SUSE-SU-2016:1146",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"
          },
          {
            "name": "https://github.com/rails/rails-html-sanitizer/commit/297161e29a3e11186ce4c02bf7defc088bf544d4",
            "refsource": "CONFIRM",
            "url": "https://github.com/rails/rails-html-sanitizer/commit/297161e29a3e11186ce4c02bf7defc088bf544d4"
          },
          {
            "name": "1034816",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1034816"
          },
          {
            "name": "[ruby-security-ann] 20160125 [CVE-2015-7578] Possible XSS vulnerability in rails-html-sanitizer",
            "refsource": "MLIST",
            "url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/uh--W4TDwmI/ygHE7hlZEgAJ"
          },
          {
            "name": "FEDORA-2016-59ce8b61dd",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178064.html"
          },
          {
            "name": "SUSE-SU-2016:0391",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00024.html"
          },
          {
            "name": "openSUSE-SU-2016:0356",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00014.html"
          }
        ]
      }
    },
    "github.com/rubysec/ruby-advisory-db": {
      "cve": "2015-7578",
      "cvss_v3": 6.1,
      "date": "2016-01-25",
      "description": "There is a possible XSS vulnerability in rails-html-sanitizer. This\nvulnerability has been assigned the CVE identifier CVE-2015-7578.\n\nVersions Affected:  All.\nNot affected:       None.\nFixed Versions:     1.0.3\n\nImpact\n------\nThere is a possible XSS vulnerability in rails-html-sanitizer.  Certain\nattributes are not removed from tags when they are sanitized, and these\nattributes can lead to an XSS attack on target applications.\n\nAll users running an affected release should either upgrade or use one of the\nworkarounds immediately.\n\nReleases\n--------\nThe FIXED releases are available at the normal locations.\n\nWorkarounds\n-----------\nThere are no feasible workarounds for this issue.\n\nPatches\n-------\nTo aid users who aren\u0027t able to upgrade immediately we have provided patches for\nthe two supported release series. They are in git-am format and consist of a\nsingle changeset.\n\n* 1-0-sanitize_data_attributes.patch - Patch for 1.0 series\n\nCredits\n-------\nThanks to Ben Murphy and Marien for reporting this.\n",
      "gem": "rails-html-sanitizer",
      "ghsa": "59c7-4xj2-hgvw",
      "patched_versions": [
        "\u003e= 1.0.3"
      ],
      "title": "Possible XSS vulnerability in rails-html-sanitizer",
      "url": "https://groups.google.com/forum/#!topic/rubyonrails-security/uh--W4TDwmI"
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c1.0.3",
          "affected_versions": "All versions before 1.0.3",
          "credit": "Ben Murphy and Marien",
          "cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
          "cvss_v3": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-79",
            "CWE-937"
          ],
          "date": "2019-08-08",
          "description": "Certain attributes are not removed from tags when they are sanitized, and these attributes can lead to an XSS attack on target applications.",
          "fixed_versions": [
            "1.0.3"
          ],
          "identifier": "CVE-2015-7578",
          "identifiers": [
            "CVE-2015-7578"
          ],
          "package_slug": "gem/rails-html-sanitizer",
          "pubdate": "2016-02-15",
          "solution": "Upgrade to latest or apply patches.",
          "title": "Possible XSS vulnerability",
          "urls": [
            "https://groups.google.com/forum/#!topic/rubyonrails-security/uh--W4TDwmI"
          ],
          "uuid": "3b3b6384-f229-4780-8031-cc8eaaa39707"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:html_sanitizer:*:*:*:*:*:ruby:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.0.2",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:5.0.0:beta2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:5.0.0:beta1.1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.5:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.4:rc1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.4:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:5.0.0:beta1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.6:rc1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.3:rc1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.3:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:5.0.0:beta3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.5:rc2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.5:rc1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta3:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta2:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.5.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.5.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.1:rc4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.0:rc1:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.2.0:beta4:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2015-7578"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-79"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "[oss-security] 20160125 [CVE-2015-7578] Possible XSS vulnerability in rails-html-sanitizer",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://www.openwall.com/lists/oss-security/2016/01/25/11"
            },
            {
              "name": "https://github.com/rails/rails-html-sanitizer/commit/297161e29a3e11186ce4c02bf7defc088bf544d4",
              "refsource": "CONFIRM",
              "tags": [],
              "url": "https://github.com/rails/rails-html-sanitizer/commit/297161e29a3e11186ce4c02bf7defc088bf544d4"
            },
            {
              "name": "[ruby-security-ann] 20160125 [CVE-2015-7578] Possible XSS vulnerability in rails-html-sanitizer",
              "refsource": "MLIST",
              "tags": [],
              "url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/uh--W4TDwmI/ygHE7hlZEgAJ"
            },
            {
              "name": "SUSE-SU-2016:1146",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"
            },
            {
              "name": "FEDORA-2016-3a2606f993",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178046.html"
            },
            {
              "name": "FEDORA-2016-59ce8b61dd",
              "refsource": "FEDORA",
              "tags": [],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178064.html"
            },
            {
              "name": "openSUSE-SU-2016:0356",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00014.html"
            },
            {
              "name": "SUSE-SU-2016:0391",
              "refsource": "SUSE",
              "tags": [],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00024.html"
            },
            {
              "name": "1034816",
              "refsource": "SECTRACK",
              "tags": [],
              "url": "http://www.securitytracker.com/id/1034816"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 4.3,
            "confidentialityImpact": "NONE",
            "integrityImpact": "PARTIAL",
            "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 8.6,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": true
        },
        "baseMetricV3": {
          "cvssV3": {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "availabilityImpact": "NONE",
            "baseScore": 6.1,
            "baseSeverity": "MEDIUM",
            "confidentialityImpact": "LOW",
            "integrityImpact": "LOW",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "REQUIRED",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
            "version": "3.0"
          },
          "exploitabilityScore": 2.8,
          "impactScore": 2.7
        }
      },
      "lastModifiedDate": "2019-08-08T15:16Z",
      "publishedDate": "2016-02-16T02:59Z"
    }
  }
}

GHSA-59C7-4XJ2-HGVW

Vulnerability from github – Published: 2017-10-24 18:33 – Updated: 2023-01-23 20:38

Summary

rails-html-sanitizer Cross-site Scripting vulnerability

Details

Severity ?

6.1 (Medium)


                  
                    CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "rails-html-sanitizer"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.0.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2015-7578"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-79"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T21:00:19Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via crafted tag attributes.",
  "id": "GHSA-59c7-4xj2-hgvw",
  "modified": "2023-01-23T20:38:10Z",
  "published": "2017-10-24T18:33:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-7578"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rails/rails-html-sanitizer/commit/297161e29a3e11186ce4c02bf7defc088bf544d4"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rails/rails-html-sanitizer"
    },
    {
      "type": "WEB",
      "url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/uh--W4TDwmI/ygHE7hlZEgAJ"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20160128075017/http://www.securitytracker.com/id/1034816"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178046.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/178064.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00014.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00024.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00053.html"
    },
    {
      "type": "WEB",
      "url": "http://www.openwall.com/lists/oss-security/2016/01/25/11"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
      "type": "CVSS_V3"
    }
  ],
  "summary": "rails-html-sanitizer Cross-site Scripting vulnerability"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2015-7578 (GCVE-0-2015-7578)

CNVD-2016-00964

CERTFR-2016-AVI-037

Solution

FKIE_CVE-2015-7578

GSD-2015-7578

GHSA-59C7-4XJ2-HGVW

Tags

Sightings

Nomenclature