CVE-2012-1098 (retired)

Priority
Description
Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before
3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers
to inject arbitrary web script or HTML via vectors involving a SafeBuffer
object that is manipulated through certain methods.
Notes
 mdeslaur> in Oneiric+, rails package is just for transition
Package
Source: rails (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was not-affected [contains no code])
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (contains no code)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE (precise was needs-triage)
Ubuntu 16.04 LTS (Xenial Xerus):DNE
More Information

Updated: 2019-08-23 08:48:20 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)