CVE-2022-27777

Summary

A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes.

Affected Software

VendorProductVersion RangeStatus
n/ahttps://github.com/rails/rails7.0.2.4, 6.1.5.1, 6.0.4.8, 5.2.7.1affected

Weaknesses

  • CWE-79: Cross-site Scripting (XSS) - Generic (CWE-79)

ADP Enrichment

CVE Program Container

Additional References

References