CVE-2020-36190

CVE-2020-36190

gem/rails_admin

Cross-site Scripting

RailsAdmin (aka rails_admin) allows XSS via nested forms.

All versions before 1.4.3, all versions starting from 2.0.0 before 2.0.2

Upgrade to versions 1.4.3, 2.0.2 or above.

2021-01-15