ADVISORIES
GEM
SEVERITY
CVSS v3.x: 6.4 (Medium)
PATCHED VERSIONS
- >= 2.3.1
DESCRIPTION
In the Loofah gem, through v2.3.0, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.
| Get Updates: | Via Atom | On Twitter | On GitHub |
RubySec
Providing security resources for the Ruby community