Possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both `select` and `style` elements.Code is only impacted if allowed tags are being overridden. Reference: https://hackerone.com/reports/1530898
Created rubygem-rails-html-sanitizer tracking bugs for this issue: Affects: fedora-all [bug 2101883]
https://discuss.rubyonrails.org/t/cve-2022-32209-possible-xss-vulnerability-in-rails-sanitizer/80800 Versions Affected: ALL Fixed Versions: v1.4.3 https://rubygems.org/gems/rails-html-sanitizer The latest version is 1.4.3. The current versions are below. https://src.fedoraproject.org/rpms/rubygem-rails-html-sanitizer Fedora 37 rubygem-rails-html-sanitizer-1.4.2-2.fc36 Fedora 36 rubygem-rails-html-sanitizer-1.4.2-2.fc36 Fedora 35 rubygem-rails-html-sanitizer-1.4.2-1.fc35 The rubygem-rails-html-sanitizer is FTBFS on rawhide, and one of the gems needed by Ruby on Rails. https://koschei.fedoraproject.org/package/rubygem-rails-html-sanitizer
This issue has been addressed in the following products: Red Hat Satellite 6.12 for RHEL 8 Via RHSA-2022:8506 https://access.redhat.com/errata/RHSA-2022:8506