CVE-2011-4319 in Ruby on Railsinfo

Summary

Cross-site scripting (XSS) vulnerability in the i18n translations helper method in Ruby on Rails 3.0.x before 3.0.11 and 3.1.x before 3.1.2, and the rails_xss plugin in Ruby on Rails 2.3.x, allows remote attackers to inject arbitrary web script or HTML via vectors related to a translations string whose name ends with an "html" substring.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Reservation

11/04/2011

Disclosure

11/28/2011

Moderation

VulDB entry created

Entries

VDB-59530 (1)

CPE

ready

CWE

CWE-79 (Confirmed)

CVSS

4.3

EPSS

0.00607

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2011-4319
NVD	https://nvd.nist.gov/vuln/detail/CVE-2011-4319
CVE Details	https://www.cvedetails.com/cve/CVE-2011-4319/

◂ Previous Overview Next ▸

Want to know what is going to be exploited?

We predict KEV entries!