Description
Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute.
Remediation
References
Related Vulnerabilities
WordPress Plugin Dexs PM System Cross-Site Scripting (1.0.1)
MySQL CVE-2024-21232 Vulnerability (CVE-2024-21232)
WordPress Plugin WP Simple Login Registration Cross-Site Scripting (1.0.2)
WordPress Plugin GiveWP-Donation and Fundraising Platform Cross-Site Scripting (2.9.7)
WordPress Plugin Two-Factor Authentication-Clockwork SMS Cross-Site Scripting (1.0.3)