Possible XSS vulnerability with certain configurations of Rails::Html::Sanitizer may allow an attacker to inject content if the application developer has overridden the sanitizer's allowed tags to allow both `select` and `style` elements.Code is only impacted if allowed tags are being overridden.
Created rubygem-rails-html-sanitizer tracking bugs for this issue:
Affects: fedora-all [bug 2101883]
Versions Affected: ALL
Fixed Versions: v1.4.3
The latest version is 1.4.3.
The current versions are below.
Fedora 37 rubygem-rails-html-sanitizer-1.4.2-2.fc36
Fedora 36 rubygem-rails-html-sanitizer-1.4.2-2.fc36
Fedora 35 rubygem-rails-html-sanitizer-1.4.2-1.fc35
The rubygem-rails-html-sanitizer is FTBFS on rawhide, and one of the gems needed by Ruby on Rails.
This issue has been addressed in the following products:
Red Hat Satellite 6.12 for RHEL 8
Via RHSA-2022:8506 https://access.redhat.com/errata/RHSA-2022:8506