CVE-2022-23518

Posted on 2022년 12월 15일2022년 12월 15일 by admin

CVE-2022-23518

rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 are vulnerable to cross-site scripting via data URIs when used in combination with Loofah >= 2.1.0. This issue is patched in version 1.4.4.

Source: CVE-2022-23518

답글 남기기 응답 취소