Issue Details
- Vulnerability: Cross-Site Scripting (XSS)
- Severity: Medium
- Project: Guiiii-m/example-ruby
- Branch: master
- Scan Date: Unknown
Issue Description
loofah is vulnerable to cross-site scripting (XSS). Unsanitized JavaScript may occur in sanitized output when a malicious SVG element is republished, allowing a remote attacker to inject and execute arbitrary Javascript onto a victim's browser.
View more details
Cross-Site Scripting (XSS) in Guiiii-m/example-ruby (master)
Issue Details
Issue Description
loofah is vulnerable to cross-site scripting (XSS). Unsanitized JavaScript may occur in sanitized output when a malicious SVG element is republished, allowing a remote attacker to inject and execute arbitrary Javascript onto a victim's browser.
View more details