CVE-2022-23515|Loofah is a general library for... - VULHUB开源网络安全威胁库

Loofah is a general library for... CVE-2022-23515

- AV AC AU C I A

发布： 2022-12-14

修订： 2024-02-01

Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.1.0, < 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs. This issue is patched in version 2.19.1.

0%

漏洞利用/PoC

暂无可用Exp或PoC

受影响的平台与产品

当前有2条受影响产品信息

您还没有登录，登录后可查看更多

添加资源
收藏资源
问题反馈

贡献用户

暂无贡献用户

相关漏洞清单查看更多>

rails-html-sanitizer is responsible... (VHN-412694)
2024-02-01
rails-html-sanitizer is responsible... (VHN-412691)
2024-02-01
rails-html-sanitizer is responsible... (VHN-412692)
2024-02-01
rails-html-sanitizer is responsible... (VHN-412693)
2024-02-01
Loofah is a general library for... (VHN-412688)
2023-09-13
Loofah is a general library for... (VHN-412690)
2023-09-13
Rails是Rails团队的一套基于Ruby语言的开源Web应用框架。 R... (VHN-424151)
2022-12-08
SnakeYaml's Constructor() class does... (VHN-419584)
2024-06-21
The package org.yaml:snakeyaml from... (VHN-416652)
2024-03-15
TZInfo is a Ruby library that... (VHN-422850)
2022-10-26