216.73.217.80

CVE-2024-39308

· Published 08/07/2024 15:15 · Modified 08/07/2024 15:49

Labels: CVE-2024-39308 2024-07-08CVE-2024-39308CWE-79[email protected]

Essential information

Published
08/07/2024 15:15
Modified
08/07/2024 15:49
Author
Creator
CVSS
6.8 MEDIUM (v3.0)
CISA KEV
No
CWE
CVSS vector
CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:N/A:N

CVSS metrics

Description

RailsAdmin is a Rails engine that provides an interface for managing data. RailsAdmin list view has the XSS vulnerability, caused by improperly-escaped HTML title attribute. Upgrade to 3.1.3 or 2.2.2 (to be released).

NVD status

Status
Undergoing Analysis — CVE is currently being analyzed by NVD staff, this process results in association of reference link tags, CVSS scores, CWE association, and CPE applicability statements.
Source
[email protected]
NVD
View on NVD

References