CVE-2012-3463

Description

Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the prompt field to the select_tag helper.

CVSS Metrics

• v2.0•MEDIUM•Score: 4.3AV:N/AC:M/Au:N/C:N/I:P/A:N

EPSS Trends

Current EPSS score: 0.33%• Percentile: 56%

Techniques & Countermeasures

• CWE-79•Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

  The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.

Affected Systems

• rubyonrails•rails

  3.0.0 | 3.0.0:beta | 3.0.0:beta2 | 3.0.0:beta3 | 3.0.0:beta4 | 3.0.0:rc | 3.0.0:rc2 | 3.0.1 | 3.0.1:pre | 3.0.2 | 3.0.2:pre | 3.0.3 | 3.0.4:rc1 | 3.0.5 | 3.0.5:rc1 | 3.0.6 | 3.0.6:rc1 | 3.0.6:rc2 | 3.0.7 | 3.0.7:rc1 | 3.0.7:rc2 | 3.0.8 | 3.0.8:rc1 | 3.0.8:rc2 | 3.0.8:rc3 | 3.0.8:rc4 | 3.0.9 | 3.0.9:rc1 | 3.0.9:rc2 | 3.0.9:rc3 | 3.0.9:rc4 | 3.0.9:rc5 | 3.0.10 | 3.0.10:rc1 | 3.0.11 | 3.0.12 | 3.0.12:rc1 | 3.0.13 | 3.0.13:rc1 | 3.0.14 | 3.0.16 | 3.1.0 | 3.1.0:beta1 | 3.1.0:rc1 | 3.1.0:rc2 | 3.1.0:rc3 | 3.1.0:rc4 | 3.1.0:rc5 | 3.1.0:rc6 | 3.1.0:rc7 | 3.1.0:rc8 | 3.1.1 | 3.1.1:rc1 | 3.1.1:rc2 | 3.1.1:rc3 | 3.1.2 | 3.1.2:rc1 | 3.1.2:rc2 | 3.1.3 | 3.1.4 | 3.1.4:rc1 | 3.1.5 | 3.1.5:rc1 | 3.1.6 | 3.1.7 | 3.2.0 | 3.2.0:rc1 | 3.2.0:rc2 | 3.2.1 | 3.2.2 | 3.2.2:rc1 | 3.2.3 | 3.2.3:rc1 | 3.2.3:rc2 | 3.2.4 | 3.2.4:rc1 | 3.2.5 | 3.2.6 | 3.2.7

• rubyonrails•ruby_on_rails

  3.0.4

References (3)

• http://weblog.rubyonrails.org/2012/8/9/ann-rails-3-2-8-has-been-released/
• https://groups.google.com/group/rubyonrails-security/msg/961e18e514527078?dmode=source&output=gplain
• http://rhn.redhat.com/errata/RHSA-2013-0154.html