CVE-2013-1855 – rubygem-actionpack: css_sanitization: XSS vulnerability in sanitize_css
https://notcve.org/view.php?id=CVE-2013-1855
The sanitize_css method in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle \n (newline) characters, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS) token sequences. El método sanitize_css en lib/action_controller/vendor/html-scanner/html/sanitizer.rb en el componente Action Pack en Ruby on Rails anterior a v2.3.18, v3.0.x y v3.1.x anterior a v3.1.12, y v3.2.x anterior a v3.2.13, no menaja adecuadamente los caracteres \n (nueva línea), lo que facilita a atacantes remotos llevar a cabo ataques XSS a través de secuencias CSS. A cross-site scripting (XSS) flaw was found in Action Pack. A remote attacker could use this flaw to conduct XSS attacks against users of an application using Action Pack. • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html http://lists.opensuse.org/opensuse-updates/2013-04/msg00072.html http://lists.opensuse.org/opensuse-updates/2013-04/msg00073.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00013.html http://rhn.redhat.com/errata/RHSA-2013-0698.html http://rhn.redhat.com/errata/RHSA-2014-1863.html http://support.apple.com/kb/HT5784 http:/ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2013-1857 – rubygem-actionpack: sanitize_protocol: XSS Vulnerability in the helper of Ruby on Rails
https://notcve.org/view.php?id=CVE-2013-1857
The sanitize helper in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle encoded : (colon) characters in URLs, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via a crafted scheme name, as demonstrated by including a : sequence. El sanitize helper en lib/action_controller/vendor/html-scanner/html/sanitizer.rb en el componente Action Pack en Ruby on Rails en versiones anteriores a 2.3.18, 3.0.x y 3.1.x en versiones anteriores a 3.1.12 y 3.2.x en versiones anteriores a 3.2.13 no maneja adecuadamente codificación de caracteres : (dos puntos) en URLs, lo que hace que sea más fácil para atacantes remotos llevar a cabo ataques de secuencias de comandos en sitios cruzados (XSS) a través de un nombre de esquema manipulado, según lo demostrado incluyendo una secuencia :. A cross-site scripting (XSS) flaw was found in Action Pack. A remote attacker could use this flaw to conduct XSS attacks against users of an application using Action Pack. • http://lists.apple.com/archives/security-announce/2013/Jun/msg00000.html http://lists.apple.com/archives/security-announce/2013/Oct/msg00006.html http://lists.opensuse.org/opensuse-updates/2013-04/msg00072.html http://lists.opensuse.org/opensuse-updates/2013-04/msg00073.html http://lists.opensuse.org/opensuse-updates/2014-01/msg00013.html http://rhn.redhat.com/errata/RHSA-2013-0698.html http://rhn.redhat.com/errata/RHSA-2014-1863.html http://support.apple.com/kb/HT5784 http:/ • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •