github - ghsa-4whc-pp4x-9pf3

ghsa-4whc-pp4x-9pf3

Vulnerability from github

Published

2017-10-24 18:33

Modified

2023-01-20 22:28

Summary

jquery-rails and jquery-ujs subject to Exposure of Sensitive Information

Details

jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value.

Show details on source website

JSON

To clipboard

{
  "affected": [
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "jquery-rails"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "3.1.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "jquery-rails"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "4.0.0"
            },
            {
              "fixed": "4.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    },
    {
      "package": {
        "ecosystem": "RubyGems",
        "name": "jquery-ujs"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1.0.4"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ]
    }
  ],
  "aliases": [
    "CVE-2015-1840"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-200"
    ],
    "github_reviewed": true,
    "github_reviewed_at": "2020-06-16T20:59:28Z",
    "nvd_published_at": null,
    "severity": "MODERATE"
  },
  "details": "jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value.",
  "id": "GHSA-4whc-pp4x-9pf3",
  "modified": "2023-01-20T22:28:49Z",
  "published": "2017-10-24T18:33:36Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2015-1840"
    },
    {
      "type": "ADVISORY",
      "url": "https://github.com/advisories/GHSA-4whc-pp4x-9pf3"
    },
    {
      "type": "PACKAGE",
      "url": "https://github.com/rails/jquery-rails"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rails/jquery-ujs/blob/master/CHANGELOG.md"
    },
    {
      "type": "WEB",
      "url": "https://github.com/rubysec/ruby-advisory-db/blob/master/gems/jquery-ujs/CVE-2015-1840.yml"
    },
    {
      "type": "WEB",
      "url": "https://groups.google.com/forum/#!topic/ruby-security-ann/XIZPbobuwaY"
    },
    {
      "type": "WEB",
      "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/XIZPbobuwaY/fqnzzpuOlA4J"
    },
    {
      "type": "WEB",
      "url": "https://web.archive.org/web/20200228084945/http://www.securityfocus.com/bid/75239"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160906.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161043.html"
    },
    {
      "type": "WEB",
      "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00041.html"
    },
    {
      "type": "WEB",
      "url": "http://openwall.com/lists/oss-security/2015/06/16/15"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [],
  "summary": "jquery-rails and jquery-ujs subject to Exposure of Sensitive Information"
}

CVE-2015-1840 (GCVE-0-2015-1840)

Vulnerability from cvelistv5

Published

2015-07-26 22:00

Modified

2024-08-06 04:54

Severity ?

CWE

Summary

References

URL

Tags

	http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161043.html	vendor-advisory, x_refsource_FEDORA
	http://lists.opensuse.org/opensuse-updates/2015-07/msg00041.html	vendor-advisory, x_refsource_SUSE
	http://openwall.com/lists/oss-security/2015/06/16/15	mailing-list, x_refsource_MLIST
	http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160906.html	vendor-advisory, x_refsource_FEDORA
	https://groups.google.com/forum/message/raw?msg=rubyonrails-security/XIZPbobuwaY/fqnzzpuOlA4J	mailing-list, x_refsource_MLIST
	http://www.securityfocus.com/bid/75239	vdb-entry, x_refsource_BID
	https://github.com/rails/jquery-ujs/blob/master/CHANGELOG.md	x_refsource_CONFIRM
	https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md	x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T04:54:16.349Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "FEDORA-2015-10144",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161043.html"
          },
          {
            "name": "openSUSE-SU-2015:1260",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00041.html"
          },
          {
            "name": "[oss-security] 20150616 [CVE-2015-1840] CSRF Vulnerability in jquery-ujs and jquery-rails",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "http://openwall.com/lists/oss-security/2015/06/16/15"
          },
          {
            "name": "FEDORA-2015-10258",
            "tags": [
              "vendor-advisory",
              "x_refsource_FEDORA",
              "x_transferred"
            ],
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160906.html"
          },
          {
            "name": "[rubyonrails-security] 20150616 [CVE-2015-1840] CSRF Vulnerability in jquery-ujs and jquery-rails",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/XIZPbobuwaY/fqnzzpuOlA4J"
          },
          {
            "name": "75239",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/75239"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/rails/jquery-ujs/blob/master/CHANGELOG.md"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2015-06-16T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2016-11-28T20:57:01",
        "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "shortName": "redhat"
      },
      "references": [
        {
          "name": "FEDORA-2015-10144",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161043.html"
        },
        {
          "name": "openSUSE-SU-2015:1260",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00041.html"
        },
        {
          "name": "[oss-security] 20150616 [CVE-2015-1840] CSRF Vulnerability in jquery-ujs and jquery-rails",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "http://openwall.com/lists/oss-security/2015/06/16/15"
        },
        {
          "name": "FEDORA-2015-10258",
          "tags": [
            "vendor-advisory",
            "x_refsource_FEDORA"
          ],
          "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160906.html"
        },
        {
          "name": "[rubyonrails-security] 20150616 [CVE-2015-1840] CSRF Vulnerability in jquery-ujs and jquery-rails",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/XIZPbobuwaY/fqnzzpuOlA4J"
        },
        {
          "name": "75239",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/75239"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/rails/jquery-ujs/blob/master/CHANGELOG.md"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2015-1840",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "FEDORA-2015-10144",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161043.html"
            },
            {
              "name": "openSUSE-SU-2015:1260",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00041.html"
            },
            {
              "name": "[oss-security] 20150616 [CVE-2015-1840] CSRF Vulnerability in jquery-ujs and jquery-rails",
              "refsource": "MLIST",
              "url": "http://openwall.com/lists/oss-security/2015/06/16/15"
            },
            {
              "name": "FEDORA-2015-10258",
              "refsource": "FEDORA",
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160906.html"
            },
            {
              "name": "[rubyonrails-security] 20150616 [CVE-2015-1840] CSRF Vulnerability in jquery-ujs and jquery-rails",
              "refsource": "MLIST",
              "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/XIZPbobuwaY/fqnzzpuOlA4J"
            },
            {
              "name": "75239",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/75239"
            },
            {
              "name": "https://github.com/rails/jquery-ujs/blob/master/CHANGELOG.md",
              "refsource": "CONFIRM",
              "url": "https://github.com/rails/jquery-ujs/blob/master/CHANGELOG.md"
            },
            {
              "name": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md",
              "refsource": "CONFIRM",
              "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
    "assignerShortName": "redhat",
    "cveId": "CVE-2015-1840",
    "datePublished": "2015-07-26T22:00:00",
    "dateReserved": "2015-02-17T00:00:00",
    "dateUpdated": "2024-08-06T04:54:16.349Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

gsd-2015-1840

Vulnerability from gsd

Modified

2015-06-16 00:00

Details

In the scenario where an attacker might be able to control the href attribute of an anchor tag or the action attribute of a form tag that will trigger a POST action, the attacker can set the href or action to " https://attacker.com" (note the leading space) that will be passed to JQuery, who will see this as a same origin request, and send the user's CSRF token to the attacker domain. To work around this problem, change code that allows users to control the href attribute of an anchor tag or the action attribute of a form tag to filter the user parameters. For example, code like this: link_to params to code like this: link_to filtered_params def filtered_params \# Filter just the parameters that you trust end See also: - http://blog.honeybadger.io/understanding-the-rails-jquery-csrf-vulnerability-cve-2015-1840/

Aliases

CVE-2015-1840

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-1840",
    "description": "jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value.",
    "id": "GSD-2015-1840",
    "references": [
      "https://www.suse.com/security/cve/CVE-2015-1840.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "affected": [
        {
          "package": {
            "ecosystem": "RubyGems",
            "name": "jquery-rails",
            "purl": "pkg:gem/jquery-rails"
          }
        }
      ],
      "aliases": [
        "CVE-2015-1840",
        "GHSA-4whc-pp4x-9pf3"
      ],
      "details": "In the scenario where an attacker might be able to control the href attribute\nof an anchor tag or the action attribute of a form tag that will trigger a\nPOST action, the attacker can set the href or action to\n\" https://attacker.com\" (note the leading space) that will be passed to\nJQuery, who will see this as a same origin request, and send the user\u0027s CSRF\ntoken to the attacker domain.\n\nTo work around this problem, change code that allows users to control the\nhref attribute of an anchor tag or the action attribute of a form tag to\nfilter the user parameters.\n\nFor example, code like this:\n\n  link_to params\n\nto code like this:\n\n  link_to filtered_params\n\n  def filtered_params\n    \\# Filter just the parameters that you trust\n  end\n\nSee also:\n- http://blog.honeybadger.io/understanding-the-rails-jquery-csrf-vulnerability-cve-2015-1840/\n",
      "id": "GSD-2015-1840",
      "modified": "2015-06-16T00:00:00.000Z",
      "published": "2015-06-16T00:00:00.000Z",
      "references": [
        {
          "type": "WEB",
          "url": "https://groups.google.com/forum/#!topic/ruby-security-ann/XIZPbobuwaY"
        }
      ],
      "schema_version": "1.4.0",
      "severity": [
        {
          "score": 5.0,
          "type": "CVSS_V2"
        }
      ],
      "summary": "CSRF Vulnerability in jquery-rails"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert@redhat.com",
        "ID": "CVE-2015-1840",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "FEDORA-2015-10144",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161043.html"
          },
          {
            "name": "openSUSE-SU-2015:1260",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00041.html"
          },
          {
            "name": "[oss-security] 20150616 [CVE-2015-1840] CSRF Vulnerability in jquery-ujs and jquery-rails",
            "refsource": "MLIST",
            "url": "http://openwall.com/lists/oss-security/2015/06/16/15"
          },
          {
            "name": "FEDORA-2015-10258",
            "refsource": "FEDORA",
            "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160906.html"
          },
          {
            "name": "[rubyonrails-security] 20150616 [CVE-2015-1840] CSRF Vulnerability in jquery-ujs and jquery-rails",
            "refsource": "MLIST",
            "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/XIZPbobuwaY/fqnzzpuOlA4J"
          },
          {
            "name": "75239",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/75239"
          },
          {
            "name": "https://github.com/rails/jquery-ujs/blob/master/CHANGELOG.md",
            "refsource": "CONFIRM",
            "url": "https://github.com/rails/jquery-ujs/blob/master/CHANGELOG.md"
          },
          {
            "name": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md",
            "refsource": "CONFIRM",
            "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md"
          }
        ]
      }
    },
    "github.com/rubysec/ruby-advisory-db": {
      "cve": "2015-1840",
      "cvss_v2": 5.0,
      "date": "2015-06-16",
      "description": "In the scenario where an attacker might be able to control the href attribute\nof an anchor tag or the action attribute of a form tag that will trigger a\nPOST action, the attacker can set the href or action to\n\" https://attacker.com\" (note the leading space) that will be passed to\nJQuery, who will see this as a same origin request, and send the user\u0027s CSRF\ntoken to the attacker domain.\n\nTo work around this problem, change code that allows users to control the\nhref attribute of an anchor tag or the action attribute of a form tag to\nfilter the user parameters.\n\nFor example, code like this:\n\n  link_to params\n\nto code like this:\n\n  link_to filtered_params\n\n  def filtered_params\n    \\# Filter just the parameters that you trust\n  end\n\nSee also:\n- http://blog.honeybadger.io/understanding-the-rails-jquery-csrf-vulnerability-cve-2015-1840/\n",
      "gem": "jquery-ujs",
      "ghsa": "4whc-pp4x-9pf3",
      "patched_versions": [
        "\u003e= 1.0.4"
      ],
      "title": "CSRF Vulnerability in jquery-ujs",
      "url": "https://groups.google.com/forum/#!topic/ruby-security-ann/XIZPbobuwaY"
    },
    "gitlab.com": {
      "advisories": [
        {
          "affected_range": "\u003c3.1.3||\u003e=4.0.0a \u003c4.0.4",
          "affected_versions": "All versions before 3.1.3, all versions starting from 4.0.0a before 4.0.4",
          "credit": "Ben Toews of GitHub",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-200",
            "CWE-937"
          ],
          "date": "2018-10-30",
          "description": "In the scenario where an attacker might be able to control the `href` attribute of an anchor tag or the action attribute of a form tag that will trigger a POST action, the attacker can set the `href` or `action` to ` https://attacker.com` (note the leading space) that will be passed to JQuery, who will see this as a same origin request, and send the user\u0027s CSRF token to the attacker domain.",
          "fixed_versions": [
            "3.1.3",
            "4.0.4"
          ],
          "identifier": "CVE-2015-1840",
          "identifiers": [
            "CVE-2015-1840"
          ],
          "package_slug": "gem/jquery-rails",
          "pubdate": "2015-07-26",
          "solution": "Upgrade to latest, apply patch or use workaround; see provided link.",
          "title": "CSRF vulnerability",
          "urls": [
            "https://groups.google.com/forum/#!topic/ruby-security-ann/XIZPbobuwaY"
          ],
          "uuid": "1fbb8814-1e70-42ab-a3c2-b19fb3dfc5e8"
        },
        {
          "affected_range": "\u003c1.0.4",
          "affected_versions": "All versions before 1.0.4",
          "cvss_v2": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
          "cwe_ids": [
            "CWE-1035",
            "CWE-200",
            "CWE-352",
            "CWE-937"
          ],
          "date": "2021-09-01",
          "description": "jquery_ujs.js in jquery-rails and rails.js in jquery-ujs, as used with Ruby on Rails, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value.",
          "fixed_versions": [
            "1.0.4"
          ],
          "identifier": "CVE-2015-1840",
          "identifiers": [
            "GHSA-4whc-pp4x-9pf3",
            "CVE-2015-1840"
          ],
          "not_impacted": "All versions starting from 1.0.4",
          "package_slug": "gem/jquery-ujs",
          "pubdate": "2017-10-24",
          "solution": "Upgrade to version 1.0.4 or above.",
          "title": "Exposure of Sensitive Information to an Unauthorized Actor",
          "urls": [
            "https://nvd.nist.gov/vuln/detail/CVE-2015-1840",
            "https://github.com/advisories/GHSA-4whc-pp4x-9pf3",
            "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md",
            "https://github.com/rails/jquery-ujs/blob/master/CHANGELOG.md",
            "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/XIZPbobuwaY/fqnzzpuOlA4J",
            "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160906.html",
            "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161043.html",
            "http://lists.opensuse.org/opensuse-updates/2015-07/msg00041.html",
            "http://openwall.com/lists/oss-security/2015/06/16/15",
            "http://www.securityfocus.com/bid/75239"
          ],
          "uuid": "d2aee5c2-1058-4cfa-80bf-3c39413b1b2b"
        }
      ]
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:rubyonrails:jquery-rails:4.0.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubyonrails:jquery-rails:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "3.1.2",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubyonrails:jquery-rails:4.0.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:rubyonrails:jquery-ujs:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "1.0.3",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert@redhat.com",
          "ID": "CVE-2015-1840"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "jquery_ujs.js in jquery-rails before 3.1.3 and 4.x before 4.0.4 and rails.js in jquery-ujs before 1.0.4, as used with Ruby on Rails 3.x and 4.x, allow remote attackers to bypass the Same Origin Policy, and trigger transmission of a CSRF token to a different-domain web server, via a leading space character in a URL within an attribute value."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "CWE-200"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://github.com/rails/jquery-ujs/blob/master/CHANGELOG.md",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://github.com/rails/jquery-ujs/blob/master/CHANGELOG.md"
            },
            {
              "name": "[rubyonrails-security] 20150616 [CVE-2015-1840] CSRF Vulnerability in jquery-ujs and jquery-rails",
              "refsource": "MLIST",
              "tags": [
                "Exploit",
                "Vendor Advisory"
              ],
              "url": "https://groups.google.com/forum/message/raw?msg=rubyonrails-security/XIZPbobuwaY/fqnzzpuOlA4J"
            },
            {
              "name": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md",
              "refsource": "CONFIRM",
              "tags": [
                "Vendor Advisory"
              ],
              "url": "https://github.com/rails/jquery-rails/blob/master/CHANGELOG.md"
            },
            {
              "name": "[oss-security] 20150616 [CVE-2015-1840] CSRF Vulnerability in jquery-ujs and jquery-rails",
              "refsource": "MLIST",
              "tags": [],
              "url": "http://openwall.com/lists/oss-security/2015/06/16/15"
            },
            {
              "name": "openSUSE-SU-2015:1260",
              "refsource": "SUSE",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2015-07/msg00041.html"
            },
            {
              "name": "FEDORA-2015-10258",
              "refsource": "FEDORA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/160906.html"
            },
            {
              "name": "FEDORA-2015-10144",
              "refsource": "FEDORA",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-June/161043.html"
            },
            {
              "name": "75239",
              "refsource": "BID",
              "tags": [],
              "url": "http://www.securityfocus.com/bid/75239"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "availabilityImpact": "NONE",
            "baseScore": 5.0,
            "confidentialityImpact": "PARTIAL",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
            "version": "2.0"
          },
          "exploitabilityScore": 10.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2018-10-30T16:27Z",
      "publishedDate": "2015-07-26T22:59Z"
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

ghsa-4whc-pp4x-9pf3

Vulnerability from github

CVE-2015-1840 (GCVE-0-2015-1840)

Vulnerability from cvelistv5

gsd-2015-1840

Vulnerability from gsd

Tags

Sightings

Nomenclature