CVE-2018-3741 Medium Severity Vulnerability detected by WhiteSource

[mend-bolt-for-github[bot]]

CVE-2018-3741 - Medium Severity Vulnerability

Vulnerable Library - rails-html-sanitizer-1.0.3.gem

HTML sanitization for Rails applications

path: /tmp/git/chaltron/Gemfile.lock

Library home page: https://rubygems.org/gems/rails-html-sanitizer-1.0.3.gem

Dependency Hierarchy: - rails-5.1.4.gem (Root Library) - actioncable-5.1.4.gem - actionpack-5.2.2.gem - actionview-5.2.2.gem - :x: **rails-html-sanitizer-1.0.3.gem** (Vulnerable Library)

Found in commit: 73858c140873ef5c63ae163c40883b5758092486

Vulnerability Details

There is a possible XSS vulnerability in all rails-html-sanitizer gem versions below 1.0.4 for Ruby. The gem allows non-whitelisted attributes to be present in sanitized output when input with specially-crafted HTML fragments, and these attributes can lead to an XSS attack on target applications. This issue is similar to CVE-2018-8048 in Loofah. All users running an affected release should either upgrade or use one of the workarounds immediately.

Publish Date: 2018-03-30

URL: CVE-2018-3741

CVSS 3 Score Details (6.1)

Base Score Metrics: - Exploitability Metrics: - Attack Vector: Network - Attack Complexity: Low - Privileges Required: None - User Interaction: Required - Scope: Changed - Impact Metrics: - Confidentiality Impact: Low - Integrity Impact: Low - Availability Impact: None

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Change files

Origin: https://github.com/rails/rails-html-sanitizer/commit/f3ba1a839a35f2ba7f941c15e239a1cb379d56ae

Release Date: 2018-03-22

Fix Resolution: Replace or update the following files: scrubbers.rb, rails-html-sanitizer.gemspec, sanitizer_test.rb

---

Step up your Open Source Security Game with WhiteSource here

[crondaemon]

See the un-merged PR for details.