Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | |||
CVE ID: | CVE-2020-5267 |
Description: | In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2. |
Test IDs: | 1.3.6.1.4.1.25623.1.0.892149 1.3.6.1.4.1.25623.1.0.853159 |
Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2020-5267 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XJ7NUWXAEVRQCROIIBV4C6WXO6IR3KSB/ https://github.com/rails/rails/commit/033a738817abd6e446e1b320cb7d1a5c15224e9a https://lists.debian.org/debian-lts-announce/2020/03/msg00022.html http://www.openwall.com/lists/oss-security/2020/03/19/1 SuSE Security Announcement: openSUSE-SU-2020:0627 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00019.html |