CVSS: 4.3EPSS: 0%CPEs: 30EXPL: 0CVE-2011-0446
https://notcve.org/view.php?id=CVE-2011-0446
Multiple cross-site scripting (XSS) vulnerabilities in the mail_to helper in Ruby on Rails before 2.3.11, and 3.x before 3.0.4, when javascript encoding is used, allow remote attackers to inject arbitrary web script or HTML via a crafted (1) name or (2) email value. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en la ayuda mail_to en Ruby on Rails en versiones anteriores a v2.3.11, y v3.x anterior a v3.0.4, cuando se usa la codificación Javascript permite a atacantes remotos inyectar secuencias de comandos web o HTML a través del parámetro manipulado a (1) nombre y (2)email . • http://groups.google.com/group/rubyonrails-security/msg/365b8a23b76a6b4a?dmode=source&output=gplain http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055074.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055088.html http://secunia.com/advisories/43274 http://secunia.com/advisories/43666 http://www.debian.org/security/2011/dsa-2247 http://www.securityfocus.com/bid/46291 http:/& • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 6.8EPSS: 0%CPEs: 24EXPL: 0CVE-2011-0447
https://notcve.org/view.php?id=CVE-2011-0447
Ruby on Rails 2.1.x, 2.2.x, and 2.3.x before 2.3.11, and 3.x before 3.0.4, does not properly validate HTTP requests that contain an X-Requested-With header, which makes it easier for remote attackers to conduct cross-site request forgery (CSRF) attacks via forged (1) AJAX or (2) API requests that leverage "combinations of browser plugins and HTTP redirects," a related issue to CVE-2011-0696. Ruby on Rails v2.1.x, v2.2.x, and v2.3.x anteriores a v2.3.11,y v3.x anteriores a v3.0.4 no valida correctamente las solicitudes HTTP que contienen una cabecera X-Requested-With, que le hace más fácil para los atacantes remotos para llevar a cabo una vulnerabilidades de falsificación de petición en sitios cruzados (CSRF) en AJAX o peticiones API, que aprovechan "combinaciones de complementos del navegador y redirecciones" esta relacionado con CVE-2011-0696 • http://groups.google.com/group/rubyonrails-security/msg/c22ea1668c0d181c?dmode=source&output=gplain http://lists.fedoraproject.org/pipermail/package-announce/2011-April/057650.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055074.html http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055088.html http://secunia.com/advisories/43274 http://secunia.com/advisories/43666 http://weblog.rubyonrails.org/2011/2/8/csrf-protection-bypass-in-ruby-on-rails http://www.deb • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 15%CPEs: 5EXPL: 2CVE-2008-7248 – Ruby on Rails 2.3.5 - 'protect_from_forgery' Cross-Site Request Forgery
https://notcve.org/view.php?id=CVE-2008-7248
Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote attackers to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demonstrated using text/plain. Ruby on Rails v2.1 anteriores a v2.1.3 y v2.2.x anteriores a v2.2.2 no verifica los token en peticiones con ciertos tipos de contenido, lo que permite a atacantes remotos evitar la protección contra la falsificación de petición en sitios cruzados (CSRF) para peticiones de aplicaciones que la requieren con se demuestra en el uso de texto plano. • https://www.exploit-db.com/exploits/33402 http://groups.google.com/group/rubyonrails-security/browse_thread/thread/d741ee286e36e301?hl=en http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html http://pseudo-flaw.net/content/web-browsers/form-data-encoding-roundup http://secunia.com/advisories/36600 http://secunia.com/advisories/38915 http://weblog.rubyonrails.org/2008/11/18/potential-circumvention-of-csrf-protection-in-rails-2-1 http://www.openwall.com/lists/oss-security/ • CWE-20: Improper Input Validation •
CVSS: 4.3EPSS: 0%CPEs: 55EXPL: 0CVE-2009-4214
https://notcve.org/view.php?id=CVE-2009-4214
Cross-site scripting (XSS) vulnerability in the strip_tags function in Ruby on Rails before 2.2.s, and 2.3.x before 2.3.5, allows remote attackers to inject arbitrary web script or HTML via vectors involving non-printing ASCII characters, related to HTML::Tokenizer and actionpack/lib/action_controller/vendor/html-scanner/html/node.rb. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Ruby on Rails anterior v2.2.s, y v2.3.x anterior v2.3.5, permite a atacantes remotos inyectar código Web o HTML a su lección a través de vectores que incluyen caracteres ASCII no imprimibles, relacionado con HTML::Tokenizer y actionpack/lib/action_controller/vendor/html-scanner/html/node.rb. • http://github.com/rails/rails/commit/bfe032858077bb2946abe25e95e485ba6da86bd5 http://groups.google.com/group/rubyonrails-security/browse_thread/thread/4d4f71f2aef4c0ab?pli=1 http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html http://lists.opensuse.org/opensuse-security-announce/2010-03/msg00004.html http://secunia.com/advisories/37446 http://secunia.com/advisories/38915 http://support.apple.com/kb/HT4077 http://weblog.rubyonrails.org/2009/11/30/ruby-on-rails-2-3-5-released • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.0EPSS: 0%CPEs: 8EXPL: 0CVE-2009-3086
https://notcve.org/view.php?id=CVE-2009-3086
A certain algorithm in Ruby on Rails 2.1.0 through 2.2.2, and 2.3.x before 2.3.4, leaks information about the complexity of message-digest signature verification in the cookie store, which might allow remote attackers to forge a digest via multiple attempts. Un determinado algoritmo de Ruby on Rails v2.1.0 hasta v2.2.2 y v2.3.x antes de v2.3.4, filtra información de la complejidad de la verificación de firmas Hash en el almacen de cookies, lo que podría permitir crear una firma Hash a atacantes remotos a través de múltiples intentos. • http://lists.opensuse.org/opensuse-security-announce/2009-10/msg00004.html http://secunia.com/advisories/36600 http://weblog.rubyonrails.org/2009/9/4/timing-weakness-in-ruby-on-rails http://www.debian.org/security/2011/dsa-2260 http://www.securityfocus.com/bid/37427 http://www.vupen.com/english/advisories/2009/2544 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •