CVE-2018-8048 - CERT CVE

  1. CVE-2018-8048

ID CVE-2018-8048
Sažetak In the Loofah gem through 2.2.0 for Ruby, non-whitelisted HTML attributes may occur in sanitized output by republishing a crafted HTML fragment.
Reference
CVSS
Base: 4.3
Impact: 2.9
Exploitability:8.6
Pristup
VektorSloženostAutentikacija
NETWORK MEDIUM NONE
Impact
PovjerljivostCjelovitostDostupnost
NONE PARTIAL NONE
CVSS vektor AV:N/AC:M/Au:N/C:N/I:P/A:N
Zadnje važnije ažuriranje 22-11-2019 - 09:15
Objavljeno 27-03-2018 - 17:29