Skip to content

Commit

Permalink
CVE-2018-8048 - Loofah XSS Vulnerability (#332)
Browse files Browse the repository at this point in the history
  • Loading branch information
ghiculescu authored and reedloden committed Mar 20, 2018
1 parent 3f5830b commit a327d8e
Showing 1 changed file with 11 additions and 0 deletions.
11 changes: 11 additions & 0 deletions gems/loofah/CVE-2018-8048.yml
Original file line number Diff line number Diff line change
@@ -0,0 +1,11 @@
---
gem: loofah
cve: 2018-8048
url: https://github.com/flavorjones/loofah/issues/144
title: Loofah XSS Vulnerability
date: 2018-03-16
description: |
Loofah allows non-whitelisted attributes to be present in sanitized
output when input with specially-crafted HTML fragments.
patched_versions:
- ">= 2.2.1"

0 comments on commit a327d8e

Please sign in to comment.