CVE-2018-16468

In the Loofah gem for Ruby, through v2.2.2, unsanitized JavaScript may occur in sanitized output when a crafted SVG element is republished.
References
Configurations

Configuration 1

cpe:2.3:a:loofah_project:loofah:*:*:*:*:*:ruby:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Information

Published : 2018-10-30 09:29

Updated : 2019-10-09 11:36


NVD link : CVE-2018-16468

Mitre link : CVE-2018-16468

Products Affected
No products.
CWE