CVE-2013-1857: XSS Vulnerability in the `sanitize` helper

March 19, 2013 (updated August 8, 2019)

The sanitize helper in Ruby on Rails is designed to filter HTML and remove all tags and attributes which could be malicious.

References

groups.google.com/forum/?fromgroups=

Detect and mitigate CVE-2013-1857 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →