[GHSA-xxr8-833v-c7wc] Cross-site Scripting vulnerability in i18n translations helper method #2324

jasnow · 2023-05-25T23:36:27Z

Updates

Affected products

Comments
Change package name from rails to actionpack. Reference: https://github.com/rubysec/ruby-advisory-db/blob/master/gems/actionpack/CVE-2011-4319.yml

shelbyc · 2023-05-26T21:06:34Z

The fix commit for 3.0.11 and the [fix commit for 3.1.2](are now in the references so readers can confirm that files under the actionpack folder were affected by this issue. Some advisories that were published on now-defunct websites have been replaced with archive links as well.

advisory-database · 2023-05-26T21:06:35Z

Hi @jasnow! Thank you so much for contributing to the GitHub Advisory Database. This database is free, open, and accessible to all, and it's people like you who make it great. Thanks for choosing to help others. We hope you send in more contributions in the future!

Improve GHSA-xxr8-833v-c7wc

bd20eee

github-actions bot changed the base branch from main to jasnow/advisory-improvement-2324 May 25, 2023 23:37

advisory-database bot merged commit b27fee6 into jasnow/advisory-improvement-2324 May 26, 2023
2 checks passed

advisory-database bot deleted the jasnow-GHSA-xxr8-833v-c7wc branch May 26, 2023 21:06

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[GHSA-xxr8-833v-c7wc] Cross-site Scripting vulnerability in i18n translations helper method #2324

[GHSA-xxr8-833v-c7wc] Cross-site Scripting vulnerability in i18n translations helper method #2324

jasnow commented May 25, 2023

shelbyc commented May 26, 2023

advisory-database bot commented May 26, 2023

[GHSA-xxr8-833v-c7wc] Cross-site Scripting vulnerability in i18n translations helper method #2324

[GHSA-xxr8-833v-c7wc] Cross-site Scripting vulnerability in i18n translations helper method #2324

Conversation

jasnow commented May 25, 2023

shelbyc commented May 26, 2023

advisory-database bot commented May 26, 2023