RSS   Vulnerabilities for 'Loofah'   RSS

2018-10-30
 
CVE-2018-16468

CWE-79
 

 
In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.

 


Copyright 2019, cxsecurity.com

 

Back to Top