VYPR
Moderate severityNVD Advisory· Published May 26, 2022· Updated Aug 3, 2024

CVE-2022-27777

CVE-2022-27777

Description

A XSS Vulnerability in Action View tag helpers >= 5.2.0 and < 5.2.0 which would allow an attacker to inject content if able to control input into specific attributes.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
actionviewRubyGems
< 5.2.7.15.2.7.1
actionviewRubyGems
>= 6.0.0, < 6.0.4.86.0.4.8
actionviewRubyGems
>= 6.1.0, < 6.1.5.16.1.5.1
actionviewRubyGems
>= 7.0.0, < 7.0.2.47.0.2.4

Affected products

18

Patches

Vulnerability mechanics

References

9

News mentions

0

No linked articles in our index yet.