Possible XSS vulnerability in ActionView
CVE-2020-5267
4 MEDIUM
Key Information:
- Vendor: Rails
- Status
- Vendor
- CVE Published: 19 March 2020
Badges
👾 Exploit Exists 🟡 Public PoC
What is CVE-2020-5267?
In ActionView before versions 6.0.2.2 and 5.2.4.2, there is a possible XSS vulnerability in ActionView's JavaScript literal escape helpers. Views that use the j or escape_javascript methods may be susceptible to XSS attacks. The issue is fixed in versions 6.0.2.2 and 5.2.4.2.
Affected Version(s)
actionview < 5.2.4.2
actionview >= 6.0.0, < 6.0.2.2
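An added example (not from the advisory or the Rails project): a Ruby check that reads the resolved actionview version out of Gemfile.lock text and compares it with the affected ranges listed above. The function names and the sample lockfile are constructed for illustration.

```ruby
require "rubygems"

# Affected ranges as listed on this page for CVE-2020-5267.
AFFECTED = [
  Gem::Requirement.new("< 5.2.4.2"),
  Gem::Requirement.new(">= 6.0.0", "< 6.0.2.2")
].freeze

# Constructed sample lockfile fragment (not taken from a real project).
SAMPLE_LOCK = <<~LOCK
  GEM
    remote: https://rubygems.org/
    specs:
      actionpack (6.0.2.1)
        actionview (= 6.0.2.1)
        rack (~> 2.0)
      actionview (6.0.2.1)
        activesupport (= 6.0.2.1)
        builder (~> 3.1)
LOCK

# Return the resolved version of a gem from Gemfile.lock text, or nil.
# Resolved specs are indented four spaces under "specs:"; dependency
# constraints are indented six spaces, so they are never matched here.
def locked_version(lockfile_text, gem_name)
  m = lockfile_text.match(/^ {4}#{Regexp.escape(gem_name)} \(([^)\s]+)\)$/)
  m && Gem::Version.new(m[1])
end

# :affected      resolved version falls inside a listed range
# :not_affected  resolved version is outside both listed ranges
# :not_present   actionview is not a resolved spec in this lockfile
def actionview_status(lockfile_text)
  version = locked_version(lockfile_text, "actionview")
  return :not_present if version.nil?
  AFFECTED.any? { |req| req.satisfied_by?(version) } ? :affected : :not_affected
end

if __FILE__ == $PROGRAM_NAME
  # Pass a lockfile path as the first argument, or fall back to the sample.
  text = ARGV[0] ? File.read(ARGV[0]) : SAMPLE_LOCK
  puts "actionview: #{actionview_status(text)}"
end
```

The check reports only what the lockfile resolves to; a view is exposed only if it also calls j or escape_javascript.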
Exploit Proof of Concept (PoC)
PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component of weaponization, which could lead to ransomware.