📦

actionview

Vendor: rubyonrails

Actively Exploited 0 CISA KEV List

PoC / Exploits 0 Code Available

Total RCEs 0 Remote Access

Total CVEs 1 Total Indexed

Avg. EPSS 0.89% Exploit Prob.

Latest CVE CVE-2020-5267 Mar 19

Security Vulnerability Index

Page 1 / 1

4.0 CVSS

CVE-2020-5267

In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2.

EPSS: 0.89%

Severity: MEDIUM

Mar 19, 2020

Displaying 1 of 1 Total Entries

Total 1 Sections