Vulnerability CVE-2016-6316

Vulnerability CVE-2016-6316

Published: 2016-09-07

Description:

Type:

(Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting'))

CVSS Base Score	Impact Subscore	Exploitability Subscore
4.3/10	2.9/10	8.6/10

http://rhn.redhat.com/errata/RHSA-2016-1855.html

http://rhn.redhat.com/errata/RHSA-2016-1856.html

http://rhn.redhat.com/errata/RHSA-2016-1857.html

http://rhn.redhat.com/errata/RHSA-2016-1858.html

http://weblog.rubyonrails.org/2016/8/11/Rails-5-0-0-1-4-2-7-2-and-3-2-22-3-have-been-released/

http://www.debian.org/security/2016/dsa-3651

http://www.openwall.com/lists/oss-security/2016/08/11/3

http://www.securityfocus.com/bid/92430

https://groups.google.com/forum/#!topic/ruby-security-ann/8B2iV2tPRSE

https://puppet.com/security/cve/cve-2016-6316