CVE-2018-3741 - Vulnerability Details

CVE-2018-3741 - rubygem-rails-html-sanitizer: non-whitelisted attributes are present in sanitized output when input with specially-crafted HTML fragments leading to XSS vulnerability

There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications. This issue is similar to CVE-2018-8048 in Loofah. All users running an affected release should either upgrade or use one of the workarounds immediately.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

This CVE is not in the KEV list.

The EPSS score is 0.00129.

Key SSVC decision points have not yet been added.

Default status is the baseline for the product, each version can override it (e.g. patched versions marked unaffected).

Vendor Product Default status Versions

Rails

rails-html-sanitizer

affected

Version	Status	Constraints
`<= 1.0.3`	affected	—

Configuration 1 [-]

cpe:2.3:a:rubyonrails:html_sanitizer:*:*:*:*:*:ruby:*:*

Package	CPE	Advisory	Released Date
CloudForms Management Engine 5.10
ansible-runner-0:1.1.2-2.el7ar	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
ansible-tower-0:3.3.3-1.el7at	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
bubblewrap-0:0.1.7-1.el7	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
cfme-0:5.10.0.33-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
cfme-amazon-smartstate-0:5.10.0.33-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
cfme-appliance-0:5.10.0.33-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
cfme-gemset-0:5.10.0.33-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
dbus-api-service-0:1.0.1-5.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
dumb-init-0:1.2.0-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
erlang-0:19.3.6.7-1.el7at	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
google-compute-engine-0:2.0.0-2.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
google-config-0:2.0.0-2.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
httpd-configmap-generator-0:0.2.2-2.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
nginx-1:1.10.2-1.el7at	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
ovirt-ansible-cluster-upgrade-0:1.1.8-1.el7ev	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
ovirt-ansible-disaster-recovery-0:1.1.2-1.el7ev	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
ovirt-ansible-engine-setup-0:1.1.5-1.el7ev	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
ovirt-ansible-image-template-0:1.1.8-1.el7ev	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
ovirt-ansible-infra-0:1.1.8-1.el7ev	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
ovirt-ansible-manageiq-0:1.1.12-1.el7ev	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
ovirt-ansible-repositories-0:1.1.2-1.el7ev	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
ovirt-ansible-roles-0:1.1.5-1.el7ev	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
ovirt-ansible-shutdown-env-0:1.0.0-1.el7ev	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
ovirt-ansible-v2v-conversion-host-0:1.6.3-1.el7ev	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
ovirt-ansible-vm-infra-0:1.1.10-1.el7ev	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
postgresql96-0:9.6.10-1PGDG.el7at	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
prince-0:9.0r2-10.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
pyOpenSSL-0:17.3.0-4.el7ost	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-bambou-0:3.0.1-2.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-colorama-0:0.3.7-2.el7ost	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-crypto-0:2.6.1-16.el7at	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-daemon-0:2.1.2-7.el7at	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-funcsigs-0:1.0.2-1.el7ost	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-future-0:0.16.0-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-lockfile-1:0.11.0-10.el7at	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-meld3-0:0.6.10-1.el7	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-mock-0:2.0.0-1.el7ost	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-pbr-0:3.1.1-2.el7ost	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-pexpect-0:4.6-1.el7at	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-psutil-0:5.4.3-2.el7at	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-ptyprocess-0:0.5.2-3.el7at	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-pylxca-0:2.1.1-2.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-pysocks-0:1.5.6-3.el7ost	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-requests-0:2.14.2-1.el7ost	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-requests-toolbelt-0:0.8.0-2.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-tabulate-0:0.8.2-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-urllib3-0:1.21.1-1.2.el7ost	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
python-vspk-0:5.3.2-2.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
qpid-proton-0:0.19.0-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rabbitmq-server-0:3.7.4-1.el7at	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rh-postgresql95-postgresql-pglogical-0:2.1.0-4.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rh-postgresql95-repmgr-0:4.0.6-2.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
ruby-0:2.4.5-90.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-bcrypt-0:3.1.12-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-ffi-0:1.9.25-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-hamlit-0:2.8.8-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-http_parser.rb-0:0.6.0-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-json-0:2.1.0-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-linux_block_device-0:0.2.1-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-memory_buffer-0:0.1.0-2.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-nio4r-0:2.3.1-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-nokogiri-0:1.8.2-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-ovirt-engine-sdk4-0:4.2.4-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-pg-0:0.18.4-2.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-puma-0:3.7.1-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-qpid_proton-0:0.22.0-2.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-redhat_access_cfme-0:2.0.3-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-redhat_access_lib-0:1.1.4-2.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-rugged-0:0.27.4-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-sqlite3-0:1.3.13-2.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-unf_ext-0:0.0.7.5-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
rubygem-websocket-driver-0:0.6.5-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
smem-0:1.4-1.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
supervisor-0:3.1.4-1.el7	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
wmi-0:1.3.14-7.el7cf	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z
wxGTK3-0:3.0.3-5.el7at	cpe:/a:redhat:cloudforms_managementengine:5.10::el7	RHSA-2019:0212	2019-02-07T00:00:00Z

No data.

Project Subscriptions

Vendors	Products
Redhat Subscribe	Cloudforms Managementengine Subscribe
Rubyonrails Subscribe	Html Sanitizer Subscribe

Advisories

Source	ID	Title
EUVD	EUVD-2018-0191	There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications. This issue is similar to CVE-2018-8048 in Loofah. All users running an affected release should either upgrade or use one of the workarounds immediately.
Github GHSA	GHSA-px3r-jm9g-c8w8	rails-html-sanitizer Cross-site Scripting vulnerability

Fixes

Solution

No solution given by the vendor.

Workaround

No workaround given by the vendor.

References

Link	Providers
https://github.com/rails/rails-html-sanitizer/commit/f3ba1a839a35f2ba7f941c15e239a1cb379d56ae
https://nvd.nist.gov/vuln/detail/CVE-2018-3741
https://www.cve.org/CVERecord?id=CVE-2018-3741

History

No history.

Projects

Sign in to view the affected projects.

MITRE

Status: PUBLISHED

Assigner: hackerone

Published: 2018-03-30T19:00:00

Updated: 2024-08-05T04:50:30.644Z

Reserved: 2017-12-28T00:00:00

Link: CVE-2018-3741

Vulnrichment

No data.

NVD

Status : Modified

Published: 2018-03-30T19:29:00.333

Modified: 2024-11-21T04:05:59.343

Link: CVE-2018-3741

Redhat

Severity : Moderate

Publid Date: 2018-03-21T00:00:00Z

Links: CVE-2018-3741 - Bugzilla

OpenCVE Enrichment

No data.

Weaknesses

CWE-79

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact None

Integrity Impact Partial

Availability Impact None

Project Subscriptions

Projects

JSON object

JSON object

JSON object

JSON object

JSON object