Description A cross-site scripting vulnerability flaw was found in the auto_link function in Rails before version 3.0.6. Remediation References CVE-2011-1497 Related Vulnerabilities WordPress 3.9.x Multiple Vulnerabilities (3.9 - 3.9.30) Joomla Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2020-15700) WordPress Plugin Import all XML, CSV & TXT into WordPress Arbitrary File Disclosure (3.7) WordPress Plugin Premium Addons for Elementor Security Bypass (4.5.1) TYPO3 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2009-3632) Severity Medium Classification CVE-2011-1497 CWE-707 CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N Tags Missing Update Known Vulnerabilities