rails-html-sanitizer is responsible for sanitizing HTML fragments in Rails applications. Versions >= 1.0.3, < 1.4.4 is vulnerable to cross-site scripting via data URIs when used in combination with Loofah >= 2.1.0. This issue is patched in version 1.4.4.
Loofah >= 2.2.0, < 2.19.1 uses recursion for sanitizing CDATA sections, making it susceptible to stack exhaustion and raising a SystemStackError exception. This may lead to a denial of service through CPU resource consumption.
Loofah < 2.19.1 contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a denial of service through CPU resource consumption.
Loofah >= 2.1.0, < 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs.
Summary Loofah >= 2.2.0, < 2.19.1 uses recursion for sanitizing CDATA sections, making it susceptible to stack exhaustion and raising a SystemStackError exception. This may lead to a denial of service through CPU resource consumption. Mitigation Upgrade to Loofah >= 2.19.1. Users who are unable to upgrade may be able to mitigate this vulnerability by limiting the length of the strings that are sanitized. Severity The Loofah maintainers have evaluated …
Summary Loofah >= 2.1.0, < 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs. Mitigation Upgrade to Loofah >= 2.19.1. Severity The Loofah maintainers have evaluated this as [Medium Severity 6.1](https://www.first.org/cvss/calculator/3.0#. References CWE - CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') (4.9) SVG MIME Type (image/svg+xml) is misleading to developers · Issue #266 · w3c/svgwg https://hackerone.com/reports/1694173 https://github.com/flavorjones/loofah/issues/101 Credit This vulnerability was …
Summary Loofah < 2.19.1 contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a denial of service through CPU resource consumption. Mitigation Upgrade to Loofah >= 2.19.1. Severity The Loofah maintainers have evaluated this as [High Severity 7.5 (CVSS3.1)](https://www.first.org/cvss/calculator/3.1#. References CWE - CWE-1333: Inefficient Regular Expression Complexity (4.9) https://hackerone.com/reports/1684163 Credit This vulnerability was responsibly reported by @ooooooo-q …
In the Loofah gem for Ruby through unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.
In the Loofah gem for Ruby, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.
Loofah allows attributes that are not explicitly allowed to be present in sanitized output when input with specially-crafted HTML fragments.