Description
Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2023-21954 Vulnerability (CVE-2023-21954)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2009-3946)
Oracle Database Server Other Vulnerability (CVE-2005-3444)
MySQL CVE-2021-2058 Vulnerability (CVE-2021-2058)
WordPress Plugin Content Audit Multiple Vulnerabilities (1.9.1)