Rubyonrails Html Sanitizer — known CVE vulnerabilities
Every CVE whose affected-product data names Rubyonrails Html Sanitizer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2015-7578 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote…
CVE-2015-7579 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in the rails-html-sanitizer gem 1.0.2 for Ruby on Rails 4.2.x and 5.x allows remote attackers to…
CVE-2015-7580 — CVSS 6.1 (medium): Cross-site scripting (XSS) vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails…
CVE-2018-3741 — CVSS 6.1 (medium): There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted…