CVE-2024-26143

CVSS V2 None CVSS V3 None
Description
Rails is a web-application framework. There is a possible XSS vulnerability when using the translation helpers in Action Controller. Applications using translation methods like translate, or t on a controller, with a key ending in "_html", a :default key which contains untrusted user input, and the resulting string is used in a view, may be susceptible to an XSS vulnerability. The vulnerability is fixed in 7.1.3.1 and 7.0.8.1.
Overview
  • CVE ID
  • CVE-2024-26143
  • Assigner
  • GitHub_M
  • Vulnerability Status
  • PUBLISHED
  • Published Version
  • 2024-02-27T15:33:54.643Z
  • Last Modified Date
  • 2024-02-28T15:48:59.407Z
History
Created Old Value New Value Data Type Notes
2024-06-26 00:30:15 Added to TrackCVE