Bug 731436 (CVE-2011-2931) - CVE-2011-2931 rubygem-actionpack: XSS vulnerability in strip_tags helper (Ruby on Rails)
Alias: CVE-2011-2931
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
Depends On: 677629 731440 731441 731448
Blocks: 732542
Reported: 2011-08-17 16:40 UTC by Vincent Danen
Modified: 2019-09-29 12:46 UTC (History)

Fixed In Version: rubygem-actionpack 2.3.13, rubygem-actionpack 3.0.10, rubygem-actionpack 3.1.0
Doc Type: Bug Fix
Doc Text:
Clone Of:
Last Closed: 2013-01-16 09:50:04 UTC


Description Vincent Danen 2011-08-17 16:40:19 UTC
An XSS vulnerability in the strip_tags helper in Ruby on Rails was reported [1] where, using specially crafted output, an attacker can successfully inject HTML into the document, which can be used to inject arbitrary JavaScript into the rendered page.

This is corrected in upstream 3.0.10, 2.3.13, and 3.1.0rc5 versions. Patches are available in the advisory [1] and in git [2].

[1] http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2b9130749b74ea12
[2] https://github.com/rails/rails/commit/586a944ddd4d03e66dea1093306147594748037a
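
The report above describes the general failure mode of a tag stripper that trusts its own single pass: malformed, nested markup can be arranged so that removing one layer of tags leaves a well-formed tag behind. The Ruby below is an added example written for this page; it is not the Rails sanitizer, not the code in the referenced commit, and not the payload from the advisory. `strip_tags_once`, `strip_tags_fixpoint`, the `TAG` pattern and the `PAYLOAD` string are all constructed here to model the weakness, and the fixed-point-plus-escape variant is one generic hardening, not a claim about what Rails' patch does.

```ruby
require "erb"

# Toy tag pattern: a '<' ... '>' run with no nested angle brackets. Many naive
# strippers look roughly like this. Constructed for this example; not Rails code.
TAG = /<[^<>]*>/

# Single-pass stripper: removes every tag it recognises exactly once and
# returns whatever is left, assuming the input was well-formed HTML.
def strip_tags_once(html)
  html.gsub(TAG, "")
end

# Hardened variant: keep stripping until the text stops changing (so a tag
# exposed by removing an outer tag is also removed), then HTML-escape any
# stray '<' or '>' so nothing tag-shaped can reach the browser.
def strip_tags_fixpoint(html)
  stripped = html
  loop do
    nxt = stripped.gsub(TAG, "")
    break if nxt == stripped
    stripped = nxt
  end
  ERB::Util.html_escape(stripped)
end

# True when the text still contains something a browser would parse as a tag.
def contains_live_tag?(text)
  !(text =~ TAG).nil?
end

# Constructed malformed input: each '<script>' bracket is split by a harmless
# '<b>' / '</b>' so the single pass removes the inner tags and re-assembles
# a working script element from the fragments.
PAYLOAD = "<<b>script>alert(1)<</b>/script>"

if $PROGRAM_NAME == __FILE__
  puts "single pass:  #{strip_tags_once(PAYLOAD).inspect}"
  puts "live tag?     #{contains_live_tag?(strip_tags_once(PAYLOAD))}"
  puts "fixed point:  #{strip_tags_fixpoint(PAYLOAD).inspect}"
  puts "stray '<':    #{strip_tags_fixpoint('Hello <b>world</b> <').inspect}"
end
```

The single pass turns the constructed input into `<script>alert(1)</script>`, which is exactly the outcome the report describes: HTML survives the helper and carries script into the rendered page. The practical takeaway is that a "strip" helper is a convenience, not an output-encoding step; text that ends up in a template should still be HTML-escaped at output time regardless of what was stripped from it.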

Comment 2 Vincent Danen 2011-08-17 17:22:49 UTC
This flaw is rubygem-actionpack, not rubygem-rails.

Comment 3 Vincent Danen 2011-08-17 17:26:15 UTC
Created rubygem-actionpack tracking bugs for this issue

Affects: fedora-all [bug 731448]
Affects: epel-5 [bug 677629]

Comment 5 Vincent Danen 2011-08-30 04:18:58 UTC
This issue has been assigned the name CVE-2011-2931:

