RubySec

Providing security resources for the Ruby community

CVE-2013-1857 (actionpack): XSS Vulnerability in the `sanitize` helper of Ruby on Rails

GEM

actionpack

FRAMEWORK

rails

SEVERITY

CVSS v2: 4.3

PATCHED VERSIONS

  • ~> 2.3.18
  • ~> 3.1.12
  • >= 3.2.13

DESCRIPTION

The sanitize helper in Ruby on Rails filters HTML, removing tags and attributes that could be malicious and allowing only a fixed set of supported protocols in URL-bearing attributes such as href and src. The code that checked that a URL uses only a supported protocol contained several bugs, which allowed an attacker to embed a tag whose URL executes arbitrary JavaScript in the browser of anyone viewing the sanitized output. Applications that pass user-controlled HTML through sanitize and render the result are affected; upgrade to one of the patched versions listed above. To check an application, compare the actionpack version in Gemfile.lock against those versions (RubySec's bundler-audit automates this from the same advisory database).
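As an added illustration (example code written for this page, not the Rails sanitizer or its fix), the block below puts a naive URL-protocol allowlist check beside a hardened one and runs both over constructed href values. The allowlist, the sample values and the helper names are assumptions made for the example. The canonicalisation steps in the hardened check (decoding HTML character references once, stripping leading and trailing control characters and space, removing tab, LF and CR anywhere, case-folding the scheme) are the ones a browser's URL parser performs before it decides what the scheme is, which is why a check that compares the raw attribute text can be bypassed.

```ruby
# Added example, not the Rails sanitizer's code: a naive URL-protocol
# allowlist check beside a hardened one, run over constructed href values
# of the kind used to smuggle a javascript: URL past an HTML sanitizer.

ALLOWED_PROTOCOLS = %w[http https mailto ftp].freeze   # assumed allowlist

# Naive check. It only believes a value carries a scheme when the raw text
# starts with word characters followed by ':', so anything the browser
# would normalise away (tabs/newlines, HTML character references) makes
# the URL look scheme-less and it is waved through as a relative link.
def weak_protocol_ok?(value)
  m = value.match(/\A(\w+):/)
  return true unless m                     # no scheme seen: assumed relative
  ALLOWED_PROTOCOLS.include?(m[1].downcase)
end

# Decode HTML character references exactly once (the browser decodes an
# attribute value once too). The trailing ';' is optional because browsers
# accept "&#58" as ':' inside attribute values.
def decode_entities(value)
  value.gsub(/&(#x([0-9a-f]+)|#([0-9]+)|amp|lt|gt|quot);?/i) do
    if $2 || $3
      cp = $2 ? $2.hex : $3.to_i
      begin
        cp.chr(Encoding::UTF_8)
      rescue RangeError                    # out-of-range or surrogate code point
        "\uFFFD"
      end
    else
      { 'amp' => '&', 'lt' => '<', 'gt' => '>', 'quot' => '"' }[$1.downcase]
    end
  end
end

# Hardened check: canonicalise the value the way a browser's URL parser
# does before deciding what the scheme is, then compare case-insensitively
# against the allowlist. A value with no scheme is a relative URL.
def hardened_protocol_ok?(value)
  s = decode_entities(value.to_s)
  s = s.gsub(/\A[\x00-\x20]+|[\x00-\x20]+\z/, '')   # leading/trailing C0 + space
  s = s.delete("\t\n\r")                             # tab, LF, CR anywhere
  m = s.match(/\A([a-z][a-z0-9+.\-]*):/i)            # RFC 3986 scheme syntax
  return true unless m
  ALLOWED_PROTOCOLS.include?(m[1].downcase)
end

# Constructed samples: value => whether a sanitizer must keep it.
SAMPLES = {
  'http://example.com/'                      => true,
  'HTTPS://example.com/?next=javascript:x'   => true,   # scheme is https
  '/search?q=javascript:alert(1)'            => true,   # relative URL
  'mailto:security@example.com'              => true,
  'javascript:alert(1)'                      => false,
  'JaVaScRiPt:alert(1)'                      => false,
  "\tjavascript:alert(1)"                    => false,  # leading tab
  "java\nscript:alert(1)"                    => false,  # newline inside scheme
  '&#106;avascript:alert(1)'                 => false,  # decimal reference
  '&#x6A;avascript:alert(1)'                 => false,  # hex reference
  'javascript&#58;alert(1)'                  => false,  # encoded ':'
  'javascript&#58alert(1)'                   => false,  # encoded ':' without ';'
  'data:text/html,<script>alert(1)</script>' => false,
}.freeze

# Dangerous samples the given checker lets through.
def bypasses(checker)
  SAMPLES.reject { |_, keep| keep }.keys.select { |v| checker.call(v) }
end

# Harmless samples the given checker wrongly rejects.
def false_rejections(checker)
  SAMPLES.select { |_, keep| keep }.keys.reject { |v| checker.call(v) }
end

if __FILE__ == $0
  puts "weak check lets through:     #{bypasses(method(:weak_protocol_ok?)).inspect}"
  puts "hardened check lets through: #{bypasses(method(:hardened_protocol_ok?)).inspect}"
  puts "hardened check rejects:      #{false_rejections(method(:hardened_protocol_ok?)).inspect}"
end
```

Run it with ruby to see which samples each check lets through. The lesson is that the decision "does this value have a scheme, and is it allowed?" must be made on the canonical form the browser will see; a check that only recognises a scheme when the raw text matches a tidy pattern treats encoded or whitespace-padded variants as harmless relative links, while the hardened form still keeps legitimate relative URLs and allowed schemes whose query string happens to contain the word javascript.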