Bug 878495 (CVE-2022-3704) - dev-ruby/rails: XSS within Route Error Page
Summary: dev-ruby/rails: XSS within Route Error Page
Status: CONFIRMED
Alias: CVE-2022-3704
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: https://github.com/rails/rails/issues...
Whiteboard: B4 [upstream/ebuild]
Keywords:
Depends on:
Blocks:
 
Reported: 2022-10-28 02:28 UTC by John Helmert III
Modified: 2022-10-30 09:54 UTC

See Also:
Package list:
Runtime testing required: ---
Description John Helmert III archtester Gentoo Infrastructure gentoo-dev Security 2022-10-28 02:28:59 UTC
CVE-2022-3704:

A vulnerability classified as problematic has been found in Ruby on Rails. This affects an unknown part of the file actionpack/lib/action_dispatch/middleware/templates/routes/_table.html.erb. The manipulation leads to cross-site scripting. It is possible to initiate the attack remotely. The name of the patch is be177e4566747b73ff63fd5f529fab564e475ed4. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-212319.

Patch: https://github.com/rails/rails/commit/be177e4566747b73ff63fd5f529fab564e475ed4

Bit silly to say that XSS is possible to initiate remotely, I
think. Looks like we're waiting for a release or downstream patch.
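The bug class named above is output escaping in an ERB template. The following is an added example, not code from the Rails project or from this bug report, and it does not reproduce the actual contents of _table.html.erb or the upstream patch: it renders a constructed routes table twice with plain Ruby ERB, once interpolating values verbatim and once through ERB::Util#h, so the difference in the produced HTML can be checked directly. The route data is constructed for the example.

```ruby
require "erb"

# Constructed sample input (not from the bug report): one ordinary route and one
# whose path carries markup, standing in for untrusted data that an error page
# echoes back into HTML.
SAMPLE_ROUTES = [
  { name: "root",  verb: "GET", path: "/" },
  { name: "probe", verb: "GET", path: "/<script>alert(1)</script>" },
].freeze

# Plain Ruby ERB: <%= %> inserts the value verbatim. (In Rails' ActionView,
# <%= %> escapes by default; the equivalent mistake there is <%== %>, raw(),
# or calling .html_safe on untrusted data.)
UNSAFE_TEMPLATE = <<~'ERB'
  <table>
  <% @routes.each do |r| %>
  <tr><td><%= r[:name] %></td><td><%= r[:verb] %></td><td><%= r[:path] %></td></tr>
  <% end %>
  </table>
ERB

# Hardened form: every interpolated value passes through h() (ERB::Util.html_escape),
# which turns <, >, &, " and ' into entities before they reach the page.
SAFE_TEMPLATE = <<~'ERB'
  <table>
  <% @routes.each do |r| %>
  <tr><td><%= h(r[:name]) %></td><td><%= h(r[:verb]) %></td><td><%= h(r[:path]) %></td></tr>
  <% end %>
  </table>
ERB

# Hypothetical renderer (assumption for this example): holds the routes and
# exposes h() to the template via the object's binding.
class RoutesTable
  include ERB::Util # provides h()

  def initialize(routes)
    @routes = routes
  end

  def render(template)
    # trim_mode "<>" drops the newline after lines that are purely <% ... %>.
    ERB.new(template, trim_mode: "<>").result(binding)
  end
end

# True when the rendered HTML still contains a live <script> tag, i.e. the
# untrusted value was emitted without escaping.
def script_tag_survives?(html)
  html.include?("<script>")
end

def render_unsafe(routes = SAMPLE_ROUTES)
  RoutesTable.new(routes).render(UNSAFE_TEMPLATE)
end

def render_safe(routes = SAMPLE_ROUTES)
  RoutesTable.new(routes).render(SAFE_TEMPLATE)
end

if __FILE__ == $PROGRAM_NAME
  puts "unsafe rendering:"
  puts render_unsafe
  puts "escaped rendering:"
  puts render_safe
end
```

The check a reviewer would apply to any error or debug template is the one `script_tag_survives?` encodes: render it with a value containing markup and confirm the markup comes back as entities, regardless of whether the page is only reachable in development mode.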
Comment 1 Hans de Graaff gentoo-dev Security 2022-10-30 09:54:49 UTC
(In reply to John Helmert III from comment #0)

> A vulnerability classified as problematic has been found in Ruby on Rails.
> This affects an unknown part of the file
> actionpack/lib/action_dispatch/middleware/templates/routes/_table.html.erb.
> The manipulation leads to cross site scripting. It is possible to initiate
> the attack remotely. The name of the patch is
> be177e4566747b73ff63fd5f529fab564e475ed4. It is recommended to apply a patch
> to fix this issue. The associated identifier of this vulnerability is
> VDB-212319.

I'd be very interested to learn how this is triggered remotely. My understanding is that the page that includes this code is only available in development mode. I guess you could run a rails app in development on a public IP address and then link to this page. Seems far-fetched in practice. Or not, reading the pentest comment :-(

> Bit silly to say that XSS is possible to initiate remotely, I
> think. Looks like we're waiting for a release or downstream patch.

I'd wait for a release here.