Action Text brings rich text content and editing to Rails. Instances of ActionText::Attachable::ContentAttachment included within a rich_text_area tag could potentially contain unsanitized HTML. This vulnerability is fixed in 7.1.3.4 and 7.2.0.beta2.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rubyonrails rails 7.2.0 |
||
rubyonrails rails |