CVE-2013-6416 in Ruby on Rails信息

摘要

由 VulDB • 2026-06-06

Ruby on Rails 4.x(低于 4.0.2 版本)中 actionpack/lib/action_view/helpers/text_helper.rb 的 simple_format helper 存在跨站脚本攻击 (XSS) 漏洞,远程攻击者可通过构造恶意 HTML 属性注入任意 Web 脚本或 HTML。

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

来源

Want to stay up to date on a daily basis?

Enable the mail alert feature now!