RailsAdmin is a Rails engine that provides an interface for managing data. RailsAdmin list view has the XSS vulnerability, caused by improperly-escaped HTML title attribute. Upgrade to 3.1.3 or 2.2.2 (to be released).
History

Thu, 22 Aug 2024 14:45:00 +0000

Type Values Removed Values Added
First Time appeared Rails Admin Project
Rails Admin Project rails Admin
CPEs cpe:2.3:a:rails_admin_project:rails_admin:*:*:*:*:*:ruby:*:*
Vendors & Products Rails Admin Project
Rails Admin Project rails Admin
Metrics cvssV3_1

{'score': 5.4, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published: 2024-07-08T14:33:55.144Z

Updated: 2024-08-02T04:19:20.581Z

Reserved: 2024-06-21T18:15:22.259Z

Link: CVE-2024-39308

cve-icon Vulnrichment

Updated: 2024-07-17T13:06:01.233Z

cve-icon NVD

Status : Modified

Published: 2024-07-08T15:15:22.080

Modified: 2024-11-21T09:27:25.837

Link: CVE-2024-39308

cve-icon Redhat

No data.