admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-07-09 16:05:11 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2024/CVE-2024-393xx/CVE-2024-39308.json
cad-safe-bot 9d8babeec3 Auto-Update: 2024-07-14T02:00:17.787041+00:00
2024-07-14 02:06:08 +00:00

80 lines
2.6 KiB
JSON
Raw Blame History

{
"id": "CVE-2024-39308",
"sourceIdentifier": "security-advisories@github.com",
"published": "2024-07-08T15:15:22.080",
"lastModified": "2024-07-08T15:49:22.437",
"vulnStatus": "Undergoing Analysis",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "RailsAdmin is a Rails engine that provides an interface for managing data. RailsAdmin list view has the XSS vulnerability, caused by improperly-escaped HTML title attribute. Upgrade to 3.1.3 or 2.2.2 (to be released)."
},
{
"lang": "es",
"value": "RailsAdmin es un motor Rails que proporciona una interfaz para gestionar datos. La vista de lista RailsAdmin tiene la vulnerabilidad XSS, causada por un atributo de t\u00edtulo HTML con escape incorrecto. Actualice a 3.1.3 o 2.2.2 (por publicarse)."
}
],
"metrics": {
"cvssMetricV30": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"cvssData": {
"version": "3.0",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N",
"attackVector": "NETWORK",
"attackComplexity": "LOW",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "CHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"availabilityImpact": "NONE",
"baseScore": 6.8,
"baseSeverity": "MEDIUM"
},
"exploitabilityScore": 2.3,
"impactScore": 4.0
}
]
},
"weaknesses": [
{
"source": "security-advisories@github.com",
"type": "Secondary",
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
],
"references": [
{
"url": "https://github.com/railsadminteam/rails_admin/commit/b5a287d82e2cbd1737a1a01e11ede2911cce7fef",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/railsadminteam/rails_admin/commit/d84b39884059c4ed50197cec8522cca029a17673",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/railsadminteam/rails_admin/issues/3686",
"source": "security-advisories@github.com"
},
{
"url": "https://github.com/railsadminteam/rails_admin/security/advisories/GHSA-8qgm-g2vv-vwvc",
"source": "security-advisories@github.com"
},
{
"url": "https://rubygems.org/gems/rails_admin/versions/2.3.0",
"source": "security-advisories@github.com"
},
{
"url": "https://rubygems.org/gems/rails_admin/versions/3.1.3",
"source": "security-advisories@github.com"
}
]
}
Reference in New Issue View Git Blame Copy Permalink