🕵️ CVE-2024-32464 | Action Text up to 7.2.0.beta1/7.1.3.3 on Ruby on Rails ContentAttachment cross site scripting (GHSA-prjp-h48f-jgf6)
Nachrichtenbereich: 🕵️ Sicherheitslücken
🔗 Quelle: vuldb.com
A vulnerability classified as problematic has been found in Action Text up to 7.2.0.beta1/7.1.3.3 on Ruby on Rails. Affected is the function ActionText::Attachable::ContentAttachment
. The manipulation leads to basic cross site scripting.
This vulnerability is traded as CVE-2024-32464. It is possible to launch the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component. ...