ADVISORIES

• CVE-2011-4319 (NVD)
• GHSA-xxr8-833v-c7wc
• OSVDB-77199
• Vendor Advisory

GEM

actionpack

FRAMEWORK

Ruby on Rails

SEVERITY

CVSS v2.0: 4.3 (Medium)

UNAFFECTED VERSIONS

• < 3.0.0

PATCHED VERSIONS

• ~> 3.0.11
• >= 3.1.2

DESCRIPTION

A cross-site scripting (XSS) flaw was found in the way the ‘translate’ helper method of the Ruby on Rails performed HTML escaping of interpolated user input, when interpolation in combination with HTML-safe translations were used. A remote attacker could use this flaw to execute arbitrary HTML or web script by providing a specially-crafted input to Ruby on Rails application, using the ActionPack module and its ‘translate’ helper method without explicit (application specific) sanitization of user provided input.

Cross-site scripting (XSS) vulnerability in the i18n translations helper method in Ruby on Rails 3.0.x before 3.0.11 and 3.1.x before 3.1.2, and the rails_xss plugin in Ruby on Rails 2.3.x, allows remote attackers to inject arbitrary web script or HTML via vectors related to a translations string whose name ends with an "html" substring.

RELATED

• https://nvd.nist.gov/vuln/detail/CVE-2011-4319
• http://weblog.rubyonrails.org/2011/11/18/rails-3-0-11-has-been-released
• http://weblog.rubyonrails.org/2011/11/18/rails-3-1-2-has-been-released
• https://groups.google.com/g/rubyonrails-security/c/K2HXD7c8fMU
• https://groups.google.com/g/rubyonrails-security/c/K2HXD7c8fMU/m/gt22xPskXMYJ
• https://github.com/advisories/GHSA-xxr8-833v-c7wc
• http://osvdb.org/77199
• https://exchange.xforce.ibmcloud.com/vulnerabilities/71364
• http://openwall.com/lists/oss-security/2011/11/18/8
• https://web.archive.org/web/20210121211512/http://www.securityfocus.com/bid/50722
• https://web.archive.org/web/20201208053819/http://www.securitytracker.com/id?1026342