admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-12-15 12:22:09 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2016/6xxx/CVE-2016-6316.json
CVE Team 671cf53bad
- Synchronized data.
2017-12-08 06:04:30 -05:00

88 lines
2.5 KiB
JSON
Raw Blame History

{
"CVE_data_meta" : {
"ASSIGNER" : "cve@mitre.org",
"ID" : "CVE-2016-6316",
"STATE" : "PUBLIC"
},
"affects" : {
"vendor" : {
"vendor_data" : [
{
"product" : {
"product_data" : [
{
"product_name" : "n/a",
"version" : {
"version_data" : [
{
"version_value" : "n/a"
}
]
}
}
]
},
"vendor_name" : "n/a"
}
]
}
},
"data_format" : "MITRE",
"data_type" : "CVE",
"data_version" : "4.0",
"description" : {
"description_data" : [
{
"lang" : "eng",
"value" : "Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as \"HTML safe\" and used as attribute values in tag handlers."
}
]
},
"problemtype" : {
"problemtype_data" : [
{
"description" : [
{
"lang" : "eng",
"value" : "n/a"
}
]
}
]
},
"references" : {
"reference_data" : [
{
"url" : "http://www.openwall.com/lists/oss-security/2016/08/11/3"
},
{
"url" : "https://groups.google.com/forum/#!topic/ruby-security-ann/8B2iV2tPRSE"
},
{
"url" : "http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released/"
},
{
"url" : "https://puppet.com/security/cve/cve-2016-6316"
},
{
"url" : "http://www.debian.org/security/2016/dsa-3651"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1855.html"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1856.html"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1857.html"
},
{
"url" : "http://rhn.redhat.com/errata/RHSA-2016-1858.html"
},
{
"url" : "http://www.securityfocus.com/bid/92430"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink