CVE-2020-36190
gem/rails_admin
Cross-site Scripting
RailsAdmin (aka rails_admin) allows XSS via nested forms.
All versions before 1.4.3, all versions starting from 2.0.0 before 2.0.2
Upgrade to versions 1.4.3, 2.0.2 or above.
2021-01-15
source |