Vulnerability details: VCID-ut5w-11x9-fyfp
Vulnerability ID VCID-ut5w-11x9-fyfp
Aliases GHSA-77pc-q5q7-qg9h
Summary Moderate severity vulnerability that affects rails-html-sanitizer. Withdrawn, accidental duplicate publish. Cross-site scripting (XSS) vulnerability in lib/rails/html/scrubbers.rb in the rails-html-sanitizer gem before 1.0.3 for Ruby on Rails 4.2.x and 5.x allows remote attackers to inject arbitrary web script or HTML via a crafted CDATA node.
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Weaknesses (0)
There are no known CWEs.
No exploits are available.

No EPSS data available for this vulnerability.

Date 2025-07-31T08:55:59.892846+00:00
Actor GithubOSV Importer
Action Import
Source https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2018/09/GHSA-77pc-q5q7-qg9h/GHSA-77pc-q5q7-qg9h.json
VulnerableCode Version 37.0.0