CVE-2013-1857: Cross-site Scripting in Ruby on Rails

CWE-79 Cross-site Scripting | 10 documents | 7 sources

Severity: 4.3 MEDIUM (NVD)
EPSS: 0.6% (top 29.78%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Mar 19; Latest update Oct 24

Description

The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle encoded : (colon) characters in URLs, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted scheme name, as demonstrated by including a : sequence.

CVSS vector

AV:N/AC:M/C:N/I:P/A:N (Exploitability: 8.6 | Impact: 2.9)

Affected Packages (4 packages)

Source | Package | Versions | More
RubyGems | actionpack_project/actionpack | 3.0.0, 3.1.12 | +2
Debian | rubyonrails/rails | < 2.3.14.1 | +3
NVD | rubyonrails/rails | 100 versions | +99

Also affects: Enterprise Linux 6.0

Vulnerability Details (4)

GHSA: actionpack Cross-site Scripting vulnerability (2017-10-24)
OSV: actionpack Cross-site Scripting vulnerability (2017-10-24)
OSV: CVE-2013-1857: The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer (2013-03-19)
CVEList: CVE-2013-1857: The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer (2013-03-19)

Vendor Advisories (2)

Red Hat: rubygem-actionpack: sanitize_protocol: XSS Vulnerability in the helper of Ruby on Rails (2013-03-18)
Debian: CVE-2013-1857: rails - The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.... (2013)

Community (3)

Bugzilla: CVE-2013-1855 CVE-2013-1857 rubygem-actionpack various flaws [epel-5] (2013-03-21)
Bugzilla: CVE-2013-1855 CVE-2013-1857 rubygem-actionpack various flaws [fedora-all] (2013-03-21)
Bugzilla: CVE-2013-1857 rubygem-actionpack: sanitize_protocol: XSS Vulnerability in the helper of Ruby on Rails (2013-03-14)
CVE-2013-1857: Cross-site Scripting in Ruby on Rails | cvebase