Bugzilla – Bug 1177521
VUL-0: CVE-2020-8264: rubygem-actionpack-6.0: possible XSS vulnerability in Action Pack in development mode
Last modified: 2020-10-16 15:34:59 UTC
rh#1886554 There is a possible XSS vulnerability in Action Pack while the application server is in development mode. This vulnerability is in the Actionable Exceptions middleware. Reference: https://groups.google.com/g/rubyonrails-security/c/yQzUVfv42jk/m/oJWw-xhNAQAJ References: https://bugzilla.redhat.com/show_bug.cgi?id=1886554 http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-8264
only affects rubygem-actionpack-6.0, older versions are not affected. Only needed in openSUSE:Factory
created request id 842139 created request id 842140 created request id 842141 created request id 842142 created request id 842143 created request id 842144 created request id 842145 created request id 842146 created request id 842147 created request id 842148 created request id 842149 created request id 842150 created request id 842151