OpenCVE

A Cross-Site-Scripting vulnerability was found in rubygem ActiveSupport. If the new bytesplice method is called on a SafeBuffer with untrusted user input, malicious code could be executed.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Changed

Confidentiality Impact Low

Integrity Impact Low

Availability Impact None

User Interaction Required

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Logging

No data.

Package	CPE	Advisory	Released Date
RHOL-5.6-RHEL-8
openshift-logging/fluentd-rhel8:v1.14.6-113	cpe:/a:redhat:logging:5.6::el8	RHSA-2023:1953	2023-04-26T00:00:00Z
RHOL-5.7-RHEL-8
openshift-logging/fluentd-rhel8:v1.14.6-140	cpe:/a:redhat:logging:5.7::el8	RHSA-2023:3495	2023-06-12T00:00:00Z

References

Link	Providers
https://github.com/rubysec/ruby-advisory-db/blob/master/gems/activesupport/CVE-2023-28120.yml
https://nvd.nist.gov/vuln/detail/CVE-2023-28120
https://www.cve.org/CVERecord?id=CVE-2023-28120

History

No history.

MITRE

No data.

Vulnrichment

No data.

NVD

No data.

Redhat

Severity : Moderate

Publid Date: 2023-03-15T00:00:00Z

Links: CVE-2023-28120 - Bugzilla

{"affected_release": [{"advisory": "RHSA-2023:1953", "cpe": "cpe:/a:redhat:logging:5.6::el8", "package": "openshift-logging/fluentd-rhel8:v1.14.6-113", "product_name": "RHOL-5.6-RHEL-8", "release_date": "2023-04-26T00:00:00Z"}, {"advisory": "RHSA-2023:3495", "cpe": "cpe:/a:redhat:logging:5.7::el8", "package": "openshift-logging/fluentd-rhel8:v1.14.6-140", "product_name": "RHOL-5.7-RHEL-8", "release_date": "2023-06-12T00:00:00Z"}], "bugzilla": {"description": "rubygem-activesupport: Possible XSS in SafeBuffer#bytesplice", "id": "2179637", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2179637"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.1", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "status": "verified"}, "cwe": "CWE-79", "details": ["A Cross-Site-Scripting vulnerability was found in rubygem ActiveSupport. If the new bytesplice method is called on a SafeBuffer with untrusted user input, malicious code could be executed."], "mitigation": {"lang": "en:us", "value": "Avoid calling bytesplice on a SafeBuffer (html_safe) string with untrusted user input."}, "name": "CVE-2023-28120", "package_state": [{"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Affected", "package_name": "3scale-amp-backend-container", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Will not fix", "package_name": "3scale-amp-zync-container", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:red_hat_3scale_amp:2", "fix_state": "Affected", "package_name": "3scale-toolbox-container", "product_name": "Red Hat 3scale API Management Platform 2"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Out of support scope", "package_name": "rubygem-activesupport", "product_name": "Red Hat OpenShift Container Platform 3.11"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "candlepin", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "rubygem-activesupport", "product_name": "Red Hat Satellite 6"}, {"cpe": "cpe:/a:redhat:satellite:6", "fix_state": "Not affected", "package_name": "rubygem-deep_cloneable", "product_name": "Red Hat Satellite 6"}], "public_date": "2023-03-15T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-28120\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-28120\nhttps://github.com/rubysec/ruby-advisory-db/blob/master/gems/activesupport/CVE-2023-28120.yml"], "threat_severity": "Moderate", "upstream_fix": "rubygem-activesupport 6.1.7.3, rubygem-activesupport 7.0.4.3"}