CVE-2013-1855 — Cross-site Scripting in Ruby ON Rails

CWE-79 — Cross-site Scripting10 documents7 sources

Severity

4.3MEDIUMNVD

EPSS

0.5%

top 32.50%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Rubyonrails Rails Actionpack Project Actionpack Rubyonrails Ruby ON Rails +1 more

Timeline

PublishedMar 19

Latest updateOct 24

Description

The sanitize_css method in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle \n (newline) characters, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS) token sequences.

CVSS vector

AV:N/AC:M/C:N/I:P/A:NExploitability: 8.6 | Impact: 2.9

Affected Packages4 packages

▶RubyGemsactionpack_project/actionpack3.0.0 — 3.1.12+2

▶Debianrubyonrails/rails< 2.3.14.1+3

▶NVDrubyonrails/ruby_on_rails2.3.17+12

▶NVDrubyonrails/rails100 versions+99

Also affects: Enterprise Linux 6.0

🔴Vulnerability Details

GHSA

actionpack Cross-site Scripting vulnerability↗2017-10-24

▶

OSV

actionpack Cross-site Scripting vulnerability↗2017-10-24

▶

CVEList

CVE-2013-1855: The sanitize_css method in lib/action_controller/vendor/html-scanner/html/sanitizer↗2013-03-19

▶

OSV

CVE-2013-1855: The sanitize_css method in lib/action_controller/vendor/html-scanner/html/sanitizer↗2013-03-19

▶

📋Vendor Advisories

Red Hat

rubygem-actionpack: css_sanitization: XSS vulnerability in sanitize_css↗2013-03-18

▶

Debian

CVE-2013-1855: rails - The sanitize_css method in lib/action_controller/vendor/html-scanner/html/saniti...↗2013

▶

💬Community

Bugzilla

CVE-2013-1855 CVE-2013-1857 rubygem-actionpack various flaws [epel-5]↗2013-03-21

▶

Bugzilla

CVE-2013-1855 CVE-2013-1857 rubygem-actionpack various flaws [fedora-all]↗2013-03-21

▶

Bugzilla

CVE-2013-1855 rubygem-actionpack: css_sanitization: XSS vulnerability in sanitize_css↗2013-03-14

▶