CVE-2013-6416 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2013-6416 Interim 1 7 2022-10-15T17:27:42Z current 2021-05-30T13:16:04Z 2022-10-15T17:27:42Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2013-6416 Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://lists.suse.com/pipermail/sle-security-updates/2014-May/000842.html E-Mail link for SUSE-SU-2014:0734-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Studio Onsite 1.3 susestudio-1.3.7-0.17.1 susestudio-admin_en-11.3-0.15.1 susestudio-admin_en-pdf-11.3-0.15.1 susestudio-bundled-packages-1.3.7-0.17.1 susestudio-common-1.3.7-0.17.1 susestudio-runner-1.3.7-0.17.1 susestudio-sid-1.3.7-0.17.1 susestudio-ui-server-1.3.7-0.17.1 susestudio-1.3.7-0.17.1 as a component of SUSE Studio Onsite 1.3 susestudio-admin_en-11.3-0.15.1 as a component of SUSE Studio Onsite 1.3 susestudio-admin_en-pdf-11.3-0.15.1 as a component of SUSE Studio Onsite 1.3 susestudio-bundled-packages-1.3.7-0.17.1 as a component of SUSE Studio Onsite 1.3 susestudio-common-1.3.7-0.17.1 as a component of SUSE Studio Onsite 1.3 susestudio-runner-1.3.7-0.17.1 as a component of SUSE Studio Onsite 1.3 susestudio-sid-1.3.7-0.17.1 as a component of SUSE Studio Onsite 1.3 susestudio-ui-server-1.3.7-0.17.1 as a component of SUSE Studio Onsite 1.3 Cross-site scripting (XSS) vulnerability in the simple_format helper in actionpack/lib/action_view/helpers/text_helper.rb in Ruby on Rails 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via a crafted HTML attribute. CVE-2013-6416 SUSE Studio Onsite 1.3:susestudio-1.3.7-0.17.1 SUSE Studio Onsite 1.3:susestudio-admin_en-11.3-0.15.1 SUSE Studio Onsite 1.3:susestudio-admin_en-pdf-11.3-0.15.1 SUSE Studio Onsite 1.3:susestudio-bundled-packages-1.3.7-0.17.1 SUSE Studio Onsite 1.3:susestudio-common-1.3.7-0.17.1 SUSE Studio Onsite 1.3:susestudio-runner-1.3.7-0.17.1 SUSE Studio Onsite 1.3:susestudio-sid-1.3.7-0.17.1 SUSE Studio Onsite 1.3:susestudio-ui-server-1.3.7-0.17.1 moderate 4.3 AV:N/AC:M/Au:N/C:N/I:P/A:N