CVE-2011-1497

MEDIUM6.1EPSS 0.33%

Cross site scripting in actionpack Rubygem

Published: 4/22/2022Modified: 1/20/2025
Also known as:GHSA-q58j-fmvf-9rq6

Description

A cross-site scripting vulnerability flaw was found in the `auto_link` function in Rails before version 3.0.6.

Affected packages (1)

CVSS scores

SourceVersionSeverityVector
osvCVSS 3.1MEDIUM6.1CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

References (7)