Back to bug 2138957
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Paige Jung | 2022-10-31 20:16:46 UTC | Depends On | 2138958 | |
| Summary | CVE-2022-3704 dev-ruby/rails: XSS within Route Error Page | CVE-2022-3704 rubygem-rails: XSS within Route Error Page | ||
| Doc Type | --- | If docs needed, set a value | ||
| Blocks | 2138140 | |||
| Depends On | 2138960 | |||
| Doc Text | A self cross site scripting vulnerability was found in Ruby on Rails. When requesting a page that does not have a matching routing, it is possible to create a script injection within the Routing Error page. | A self cross-site scripting vulnerability was found in Ruby on Rails. This issue occurs when requesting a page that does not have a matching routing, allowing a user to create a script injection within the routing error page. | ||
| Red Hat Bugzilla | 2023-03-02 08:27:52 UTC | Depends On | 2139421 | |
| CC | myarboro | |||
| Red Hat Bugzilla | 2023-05-15 20:19:03 UTC | CC | btotty | |
| Red Hat Bugzilla | 2023-07-07 08:31:59 UTC | Assignee | security-response-team | nobody |
Back to bug 2138957