Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
The Active Admin (aka activeadmin) framework before 3.2.2 for Ruby on Rails allows stored XSS in certain situations where users can create entities (to be later edited in forms) with arbitrary names, aka a "dynamic form legends" issue. 4.0.0.beta7 is also a fixed version.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Active Admin 跨站脚本漏洞
Vulnerability Description
Active Admin是Active Admin开源的一个 Ruby on Rails 框架。用于为网站管理创建后端。 Active Admin 3.2.2之前版本存在跨站脚本漏洞,该漏洞源于Active Admin(activeadmin)框架在某些情况下存在跨站脚本,允许用户创建具有任意名称的实体。
CVSS Information
N/A
Vulnerability Type
N/A