VYPR
Moderate severityNVD Advisory· Published May 26, 2022· Updated Aug 3, 2024

CVE-2022-22577

CVE-2022-22577

Description

An XSS Vulnerability in Action Pack >= 5.2.0 and < 5.2.0 that could allow an attacker to bypass CSP for non HTML like responses.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
actionpackRubyGems
>= 5.2.0, < 5.2.7.15.2.7.1
actionpackRubyGems
>= 6.0.0, < 6.0.4.86.0.4.8
actionpackRubyGems
>= 6.1.0, < 6.1.5.16.1.5.1
actionpackRubyGems
>= 7.0.0, < 7.0.2.47.0.2.4

Affected products

2

Patches

Vulnerability mechanics

References

15

News mentions

0

No linked articles in our index yet.