CVE-2020-4054: Cross-site Scripting in Project Sanitize

CWE-79 Cross-site Scripting | 10 documents | 7 sources
Severity: 7.3 HIGH (NVD)
EPSS: 0.5% (top 34.69%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Jun 16; latest update Dec 2

Description

In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less than 5.2.1, there is a cross-site scripting vulnerability. When HTML is sanitized using Sanitize's "relaxed" config, or a custom config that allows certain elements, some content in a math or svg element may not be sanitized correctly even if math and svg are not in the allowlist. You are likely to be vulnerable to this issue if you use Sanitize's relaxed config or a custom config that allows one or more of the following HTML
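The affected range in the description is a plain version interval, so the first practical check for a Rails or Bundler application is whether the locked sanitize version falls inside it. The following script is an added example written for this page, not code from the Sanitize project or from any of the listed advisories. It parses the "specs:" section of a Gemfile.lock (the sample lockfile below is constructed for illustration) and evaluates the pinned sanitize version against the range >= 3.0.0, < 5.2.1 using the Gem::Requirement class that ships with RubyGems. It applies only to Bundler-managed installs; a distribution package such as Debian's ruby-sanitize carries a backported fix under its own version scheme and must be checked against the distribution's advisory instead.

```ruby
require 'rubygems'

# Affected range for CVE-2020-4054 as stated on this page (CVEListV5 / RubyGems).
AFFECTED_RANGE = Gem::Requirement.new('>= 3.0.0', '< 5.2.1')
FIXED_VERSION  = '5.2.1'

# Constructed sample Gemfile.lock (not taken from any real application).
SAMPLE_LOCKFILE = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      crass (1.0.6)
      mini_portile2 (2.4.0)
      nokogiri (1.10.9)
        mini_portile2 (~> 2.4.0)
      nokogumbo (2.0.2)
        nokogiri (~> 1.8, >= 1.8.4)
      sanitize (5.1.0)
        crass (~> 1.0.2)
        nokogiri (>= 1.8.0)
        nokogumbo (~> 2.0)

  PLATFORMS
    ruby

  DEPENDENCIES
    sanitize (~> 5.1)
LOCK

# Return {gem_name => version} for the resolved specs in a Gemfile.lock.
# Resolved gems sit at four-space indentation as "name (version)"; their
# dependency lines are indented six spaces and are skipped. A platform suffix
# such as "1.10.9-x86_64-linux" is trimmed to the numeric version.
def locked_gems(lockfile_text)
  gems = {}
  in_specs = false
  lockfile_text.each_line do |line|
    if line.start_with?('  specs:')
      in_specs = true
      next
    end
    # Any unindented section header (PLATFORMS, DEPENDENCIES, ...) ends the specs block.
    in_specs = false if in_specs && line =~ /\A\S/
    next unless in_specs
    if (m = line.match(/\A {4}(\S+) \(([^)\s]+)\)/))
      gems[m[1]] = m[2].split('-').first
    end
  end
  gems
end

# Assess the pinned sanitize gem. Returns nil when sanitize is not in the lockfile,
# otherwise a hash with the version, whether it is inside the affected range,
# and the upstream release that carries the fix.
def assess_sanitize(lockfile_text)
  version = locked_gems(lockfile_text)['sanitize']
  return nil unless version
  {
    version:    version,
    vulnerable: AFFECTED_RANGE.satisfied_by?(Gem::Version.new(version)),
    fixed_in:   FIXED_VERSION,
  }
end

if __FILE__ == $PROGRAM_NAME
  text = ARGV[0] ? File.read(ARGV[0]) : SAMPLE_LOCKFILE
  result = assess_sanitize(text)
  if result.nil?
    puts 'sanitize is not pinned in this lockfile'
  elsif result[:vulnerable]
    puts "sanitize #{result[:version]} is in the CVE-2020-4054 range; upgrade to >= #{result[:fixed_in]}"
  else
    puts "sanitize #{result[:version]} is outside the CVE-2020-4054 range"
  end
end
```

Run it as `ruby check_sanitize.rb Gemfile.lock`; with no argument it evaluates the constructed sample, which pins 5.1.0 and is therefore reported as affected. Version boundaries matter here: 3.0.0 is the first affected release and 5.2.0 the last, while 5.2.1 and anything from the 2.x line fall outside the range.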

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L (Exploitability: 3.9 | Impact: 3.4)

Affected Packages (4 packages)

Source      Package                     Affected range
Debian      debian/ruby-sanitize        ruby-sanitize < 4.6.6-2.1 (bookworm)
NVD         sanitize_project/sanitize   >= 3.0.0, < 5.2.1
RubyGems    sanitize_project/sanitize   >= 3.0.0, < 5.2.1
CVEListV5   rgrove/sanitize             >= 3.0.0, < 5.2.1

Note that Debian's fixed version (4.6.6-2.1) is below the upstream fix release 5.2.1 because the fix was backported to the packaged 4.6.6 base; compare a Debian-installed ruby-sanitize against the Debian range, not the upstream one.

Patches

🔴 Vulnerability Details (4)

OSV    ruby-sanitize vulnerability                                                  2020-09-25
OSV    CVE-2020-4054: In Sanitize (RubyGem sanitize) greater than or equal to 3...  2020-06-16
OSV    Cross-site Scripting in Sanitize                                             2020-06-16
GHSA   Cross-site Scripting in Sanitize                                             2020-06-16

💥 Exploits & PoCs (1)

Exploit-DB   Microsoft Windows - Win32k Elevation of Privilege   2020-12-02

This Exploit-DB entry concerns a Windows kernel privilege-escalation issue and is unrelated to the Ruby sanitize gem; it is an aggregator mismatch, consistent with the "No known exploits" status above.

📋 Vendor Advisories (2)

Ubuntu   Sanitize vulnerability                                                                              2020-09-25
Debian   CVE-2020-4054: ruby-sanitize - In Sanitize (RubyGem sanitize) greater than or equal to 3.0.0 and less than 5.2....   2020

💬 Community (2)

Bugzilla   CVE-2020-4054 rubygem-rails-html-sanitizer: XSS via crafted input                2020-06-19
Bugzilla   CVE-2020-4054 rubygem-rails-html-sanitizer: XSS via crafted input [fedora-all]   2020-06-19