DescriptionThe sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle encoded : (colon) characters in URLs, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted scheme name, as demonstrated by including a : sequence.
Overall state of this security issue: Resolved
This issue is currently rated as having moderate severity.
|National Vulnerability Database|
- SUSE-SU-2013:1036-1, published Mon Jun 17 15:04:10 MDT 2013
- openSUSE-SU-2013:0661-1, published Wed, 10 Apr 2013 23:05:24 +0200 (CEST)
- openSUSE-SU-2013:0662-1, published Wed, 10 Apr 2013 23:05:49 +0200 (CEST)
- openSUSE-SU-2014:0019-1, published Fri, 3 Jan 2014 23:04:13 +0100 (CET)
List of released packages
|Product(s)||Fixed package version(s)||References|
|SUSE Linux Enterprise Software Development Kit 11 SP4|| |
|SUSE Studio Onsite 1.3|| ||Patchnames:
|openSUSE 12.3|| ||Patchnames:
Status of this issue by product and package
Please note that this evaluation state might be work in progress, incomplete or outdated. Also information for service packs in the LTSS phase is only included for issues meeting the LTSS criteria. If in doubt, feel free to contact us for clarification.
|SUSE Lifecycle Management Server 1.3||rubygem-actionmailer-3_2||Released|
|SUSE Linux Enterprise Software Development Kit 11 SP4||rubygem-actionmailer-3_2||Released|
|SUSE Studio Onsite||rubygem-actionmailer-3_2||Released|
|WebYaST for SLE-11||rubygem-actionmailer-3_2||Released|