| Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2018-3741 | 4.3 |
There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes ca
|
30-01-2023 - 16:10 | 30-03-2018 - 19:29 | |
| CVE-2012-6685 | 5.0 |
Nokogiri before 1.5.4 is vulnerable to XXE attacks
|
25-02-2020 - 18:35 | 19-02-2020 - 15:15 | |
| CVE-2018-8048 | 4.3 |
In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.
|
22-11-2019 - 09:15 | 27-03-2018 - 17:29 | |
| CVE-2018-11627 | 4.3 |
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.
|
26-02-2019 - 15:03 | 31-05-2018 - 19:29 |