CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-3463

Cross-site scripting (XSS) vulnerability in actionpack/lib/action_view/helpers/form_tag_helper.rb in Ruby on Rails 3.x before 3.0.17, 3.1.x before 3.1.8, and 3.2.x before 3.2.8 allows remote attackers to inject arbitrary web script or HTML via the prompt field to the select_tag helper.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 46.5%

CVSS Severity

CVSS v2 Score 4.3

References

Products affected by CVE-2012-3463

Rubyonrails » Rails » Version: 3.0.0

cpe:2.3:a:rubyonrails:rails:3.0.0
Rubyonrails » Rails » Version: 3.0.1

cpe:2.3:a:rubyonrails:rails:3.0.1
Rubyonrails » Rails » Version: 3.0.10

cpe:2.3:a:rubyonrails:rails:3.0.10
Rubyonrails » Rails » Version: 3.0.11

cpe:2.3:a:rubyonrails:rails:3.0.11
Rubyonrails » Rails » Version: 3.0.12

cpe:2.3:a:rubyonrails:rails:3.0.12
Rubyonrails » Rails » Version: 3.0.13

cpe:2.3:a:rubyonrails:rails:3.0.13
Rubyonrails » Rails » Version: 3.0.14

cpe:2.3:a:rubyonrails:rails:3.0.14
Rubyonrails » Rails » Version: 3.0.16

cpe:2.3:a:rubyonrails:rails:3.0.16
Rubyonrails » Rails » Version: 3.0.2

cpe:2.3:a:rubyonrails:rails:3.0.2
Rubyonrails » Rails » Version: 3.0.3

cpe:2.3:a:rubyonrails:rails:3.0.3
Rubyonrails » Rails » Version: 3.0.4

cpe:2.3:a:rubyonrails:rails:3.0.4
Rubyonrails » Rails » Version: 3.0.5

cpe:2.3:a:rubyonrails:rails:3.0.5
Rubyonrails » Rails » Version: 3.0.6

cpe:2.3:a:rubyonrails:rails:3.0.6
Rubyonrails » Rails » Version: 3.0.7

cpe:2.3:a:rubyonrails:rails:3.0.7
Rubyonrails » Rails » Version: 3.0.8

cpe:2.3:a:rubyonrails:rails:3.0.8
Rubyonrails » Rails » Version: 3.0.9

cpe:2.3:a:rubyonrails:rails:3.0.9
Rubyonrails » Rails » Version: 3.1.0

cpe:2.3:a:rubyonrails:rails:3.1.0
Rubyonrails » Rails » Version: 3.1.1

cpe:2.3:a:rubyonrails:rails:3.1.1
Rubyonrails » Rails » Version: 3.1.2

cpe:2.3:a:rubyonrails:rails:3.1.2
Rubyonrails » Rails » Version: 3.1.3

cpe:2.3:a:rubyonrails:rails:3.1.3
Rubyonrails » Rails » Version: 3.1.4

cpe:2.3:a:rubyonrails:rails:3.1.4
Rubyonrails » Rails » Version: 3.1.5

cpe:2.3:a:rubyonrails:rails:3.1.5
Rubyonrails » Rails » Version: 3.1.6

cpe:2.3:a:rubyonrails:rails:3.1.6
Rubyonrails » Rails » Version: 3.1.7

cpe:2.3:a:rubyonrails:rails:3.1.7
Rubyonrails » Rails » Version: 3.2.0

cpe:2.3:a:rubyonrails:rails:3.2.0
Rubyonrails » Rails » Version: 3.2.1

cpe:2.3:a:rubyonrails:rails:3.2.1
Rubyonrails » Rails » Version: 3.2.2

cpe:2.3:a:rubyonrails:rails:3.2.2
Rubyonrails » Rails » Version: 3.2.3

cpe:2.3:a:rubyonrails:rails:3.2.3
Rubyonrails » Rails » Version: 3.2.4

cpe:2.3:a:rubyonrails:rails:3.2.4
Rubyonrails » Rails » Version: 3.2.5

cpe:2.3:a:rubyonrails:rails:3.2.5
Rubyonrails » Rails » Version: 3.2.6

cpe:2.3:a:rubyonrails:rails:3.2.6
Rubyonrails » Rails » Version: 3.2.7

cpe:2.3:a:rubyonrails:rails:3.2.7
Rubyonrails » Ruby On Rails » Version: 3.0.4

cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2012-3463

Products

Pricing

Contact Us