1 results (0.015 seconds)
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 1
CVE-2020-36190
https://notcve.org/view.php?id=CVE-2020-36190
RailsAdmin (aka rails_admin) before 1.4.3 and 2.x before 2.0.2 allows XSS via nested forms. RailsAdmin (también se conoce como rails_admin) versiones anteriores a 1.4.3 y versiones 2.x anteriores a 2.0.2, permite un ataque de tipo XSS por medio de formularios anidados • https://github.com/sferik/rails_admin/blob/master/README.md https://github.com/sferik/rails_admin/commit/d72090ec6a07c3b9b7b48ab50f3d405f91ff4375 https://github.com/sferik/rails_admin/compare/v1.4.2...v1.4.3 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •