Search criteria
ⓘ
Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.
Related vulnerabilities
GSD-2013-6416
Vulnerability from gsd - Updated: 2013-12-03 00:00Details
There is a vulnerability in the simple_format helper in Ruby on Rails.
The simple_format helper converts user supplied text into html text
which is intended to be safe for display. A change made to the
implementation of this helper means that any user provided HTML
attributes will not be escaped correctly. As a result of this error,
applications which pass user-controlled data to be included as html
attributes will be vulnerable to an XSS attack.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2013-6416",
"description": "Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute.",
"id": "GSD-2013-6416",
"references": [
"https://www.suse.com/security/cve/CVE-2013-6416.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"affected": [
{
"package": {
"ecosystem": "RubyGems",
"name": "actionpack",
"purl": "pkg:gem/actionpack"
}
}
],
"aliases": [
"CVE-2013-6416",
"OSVDB-100526"
],
"details": "There is a vulnerability in the simple_format helper in Ruby on Rails.\nThe simple_format helper converts user supplied text into html text\nwhich is intended to be safe for display. A change made to the\nimplementation of this helper means that any user provided HTML\nattributes will not be escaped correctly. As a result of this error,\napplications which pass user-controlled data to be included as html\nattributes will be vulnerable to an XSS attack.\n",
"id": "GSD-2013-6416",
"modified": "2013-12-03T00:00:00.000Z",
"published": "2013-12-03T00:00:00.000Z",
"references": [
{
"type": "WEB",
"url": "https://groups.google.com/forum/#!topic/ruby-security-ann/5ZI1-H5OoIM"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": 4.3,
"type": "CVSS_V2"
}
],
"summary": "XSS Vulnerability in simple_format helper"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-6416",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/",
"refsource": "CONFIRM",
"url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/"
},
{
"name": "[ruby-security-ann] 20131203 [CVE-2013-6416] XSS Vulnerability in simple_format helper",
"refsource": "MLIST",
"url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/5ZI1-H5OoIM/ZNq4FoR2GnIJ"
},
{
"name": "64071",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/64071"
}
]
}
},
"github.com/rubysec/ruby-advisory-db": {
"cve": "2013-6416",
"cvss_v2": 4.3,
"date": "2013-12-03",
"description": "There is a vulnerability in the simple_format helper in Ruby on Rails.\nThe simple_format helper converts user supplied text into html text\nwhich is intended to be safe for display. A change made to the\nimplementation of this helper means that any user provided HTML\nattributes will not be escaped correctly. As a result of this error,\napplications which pass user-controlled data to be included as html\nattributes will be vulnerable to an XSS attack.\n",
"framework": "rails",
"gem": "actionpack",
"osvdb": 100526,
"patched_versions": [
"\u003e= 4.0.2"
],
"title": "XSS Vulnerability in simple_format helper",
"unaffected_versions": [
"~\u003e 2.3.0",
"~\u003e 3.1.0",
"~\u003e 3.2.0"
],
"url": "https://groups.google.com/forum/#!topic/ruby-security-ann/5ZI1-H5OoIM"
},
"gitlab.com": {
"advisories": [
{
"affected_range": "\u003e=4.0.0 \u003c4.0.2",
"affected_versions": "All versions starting from 4.0.0 before 4.0.2",
"credit": "Kevin Reintjes",
"cvss_v2": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"cwe_ids": [
"CWE-1035",
"CWE-79",
"CWE-937"
],
"date": "2019-08-08",
"description": "The simple_format helper converts user supplied text into html text which is intended to be safe for display. A change made to the implementation of this helper means that any user provided HTML attributes will not be escaped correctly. As a result of this error, applications which pass user-controlled data to be included as html attributes will be vulnerable to an XSS attack. ",
"fixed_versions": [
"4.0.2"
],
"identifier": "CVE-2013-6416",
"identifiers": [
"CVE-2013-6416"
],
"not_impacted": "Versions prior to 4.0 or if your application does not pass unescaped user-controlled data as html attributes to simple_format",
"package_slug": "gem/actionpack",
"pubdate": "2013-12-06",
"solution": "Upgrade to latest or escape user-controlled data passed as HTML attributes like: simple_format(some_text, class: h(params[:class]))",
"title": "XSS Vulnerability in simple_format helper",
"urls": [
"http://seclists.org/oss-sec/2013/q4/404"
],
"uuid": "94a6bcfe-5e15-443f-8165-ef90938b0235"
}
]
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.0:-:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.0:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.0:beta:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.0:rc2:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:4.0.1:rc1:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:rubyonrails:rails:*:-:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.0.1",
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "secalert@redhat.com",
"ID": "CVE-2013-6416"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/",
"refsource": "CONFIRM",
"tags": [],
"url": "http://weblog.rubyonrails.org/2013/12/3/Rails_3_2_16_and_4_0_2_have_been_released/"
},
{
"name": "[ruby-security-ann] 20131203 [CVE-2013-6416] XSS Vulnerability in simple_format helper",
"refsource": "MLIST",
"tags": [],
"url": "https://groups.google.com/forum/message/raw?msg=ruby-security-ann/5ZI1-H5OoIM/ZNq4FoR2GnIJ"
},
{
"name": "64071",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/64071"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": true
}
},
"lastModifiedDate": "2019-08-08T15:26Z",
"publishedDate": "2013-12-07T00:55Z"
}
}
}