There is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. The reason these issues were not detected before is the escapes were working as designed. However, their design didn't take into account just how recklessly permissive browser are when it comes to executing unsafe JavaScript via HTML attributes.
There is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. Our filter to detect and prevent the use of the javascript: URL scheme in the href attribute of an <a> tag could be bypassed with tab \t or newline \n characters between the characters of the protocol, e.g. java\tscript:.
There is a potential cross-site scripting (XSS) vulnerability that can be exploited via maliciously crafted user data. This was due to improper case-sensitivity in the code that was meant to prevent these attacks. Impact If you render an <a> tag with an href attribute set to a user-provided link, that link could potentially execute JavaScript when clicked by another user. a(href: user_profile) { "Profile" } If you splat user-provided attributes …