Published: 26/05/2022 Updated: 14/03/2023

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an malicious user to inject content if able to control input into specific attributes.

Vulnerable Product	Search on Vulmon	Subscribe to Product
rubyonrails actionpack
debian debian linux 10.0

Synopsis Important: Satellite 613 Release Type/Severity Security Advisory: Important Red Hat Insights patch analysis Identify and remediate systems affected by this advisory View affected systems Topic An update is now available for Red Hat Satellite 613 The release contains anew version of Satellite and important security fixes ...

Debian Bug report logs - #1016982 rails: CVE-2022-27777 Package: src:rails; Maintainer for src:rails is Debian Ruby Team <pkg-ruby-extras-maintainers@listsaliothdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Wed, 10 Aug 2022 20:21:01 UTC Severity: grave Tags: security, upstream Reply or s ...

Multiple vulnerabilities were discovered in rails, the Ruby based server-side MVC web application framework, which could result in XSS, data disclosure and open redirect For the stable distribution (bullseye), these problems have been fixed in version 2:6037+dfsg-2+deb11u1 We recommend that you upgrade your rails packages For the detailed sec ...

CWE-79 https://discuss.rubyonrails.org/t/cve-2022-27777-possible-xss-vulnerability-in-action-view-tag-helpers/80534 https://lists.debian.org/debian-lts-announce/2022/09/msg00002.html https://www.debian.org/security/2023/dsa-5372 https://access.redhat.com/errata/RHSA-2023:2097 https://nvd.nist.gov https://www.debian.org/security/2023/dsa-5372

CVE-2022-27777

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect