Rubyonrails Actionpack vulnerabilities
2 known vulnerabilities affecting rubyonrails/actionpack.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2022-27777MEDIUMCVSS 6.1fixed in 5.2.7.1≥ 6.0.0, < 6.0.4.8+2 more2022-05-26
CVE-2022-27777 [MEDIUM] CWE-79 CVE-2022-27777: A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to
A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes.
nvd
CVE-2022-22577MEDIUMCVSS 6.1≥ 5.2.0, < 5.2.7.1≥ 6.0.0, < 6.0.4.8+2 more2022-05-26
CVE-2022-22577 [MEDIUM] CWE-79 CVE-2022-22577: An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP
An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses.
nvd