CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Rubyonrails: >> Actionview Security Vulnerabilities

CVE-2020-5267

In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the `j` or `escape_javascript` methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2.

CVSS Score

4.0

EPSS Score

0.009

Published

2020-03-19

Page 1

Vulnerabilities

Vulnerable Software

Rubyonrails: >> Actionview Security Vulnerabilities

Products

Pricing

Contact Us