CVE-2018-16468

Published 3 months ago
Category: Cross-Site Scripting
Source: NIST NVD
Severity: Moderate

Vulnerability in loofah

In the Loofah gem, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

CVSS Metrics
Access Vector Access Complexity Authentication Confidentiality Impact Integrity Impact Availability Impact
Network Network Single_instance None Partial None
Patched Versions

>= 2.2.3

Unaffected Versions

n/a

References