Max CVSS 7.5 Min CVSS 3.5 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2013-4492 4.3
Cross-site scripting (XSS) vulnerability in exceptions.rb in the i18n gem before 0.6.6 for Ruby allows remote attackers to inject arbitrary web script or HTML via a crafted I18n::MissingTranslationData.new call.
13-02-2023 - 04:47 07-12-2013 - 00:55
CVE-2017-12191 7.5
A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC (VMWare Remote Console) functions that may not be appropriate for users of CloudForms (and thus this a
12-02-2023 - 23:28 28-02-2018 - 13:29
CVE-2018-3741 4.3
There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes ca
30-01-2023 - 16:10 30-03-2018 - 19:29
CVE-2012-6685 5.0
Nokogiri before 1.5.4 is vulnerable to XXE attacks
25-02-2020 - 18:35 19-02-2020 - 15:15
CVE-2018-8048 4.3
In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.
22-11-2019 - 09:15 27-03-2018 - 17:29
CVE-2017-15125 3.5
A flaw was found in CloudForms before 5.9.0.22 in the self-service UI snapshot feature where the name field is not properly sanitized for HTML and JavaScript input. An attacker could use this flaw to execute a stored XSS attack on an application admi
09-10-2019 - 23:24 27-07-2018 - 15:29
CVE-2018-11627 4.3
Sinatra before 2.0.2 has XSS via the 400 Bad Request page that occurs upon a params parser exception.
26-02-2019 - 15:03 31-05-2018 - 19:29
Back to Top Mark selected
Back to Top