FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-03-28 15:43:32 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
43f1c867-654a-11e6-8286-00248c0c745dRails 4 -- Possible XSS Vulnerability in Action View

Ruby Security team reports:

There is a possible XSS vulnerability in Action View. Text declared as "HTML safe" will not have quotes escaped when used as attribute values in tag helpers. This vulnerability has been assigned the CVE identifier CVE-2016-6316.


Discovery 2016-08-11
Entry 2016-08-18
rubygem-actionview
gt 3.0.0 lt 4.2.7.1

https://groups.google.com/forum/#!topic/ruby-security-ann/8B2iV2tPRSE
CVE-2016-6316