1. Server >
  2. Unix Server >
  3. DSA-4358 ruby-sanitize - security update


ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese
Anzeige

DSA-4358 ruby-sanitize - security update

Unix Server vom 27.12.2018 um 01:00 Uhr | Quelle debian.org

The Shopify Application Security Team discovered that ruby-sanitize, a whitelist-based HTML sanitizer, is prone to a HTML injection vulnerability. A specially crafted HTML fragment can cause to allow nonwhitelisted attributes to be used on a whitelisted HTML element.

...

Komplette Webseite öffnen

Newsbewertung

Kommentiere zu DSA-4358 ruby-sanitize - security update