Description
The REXML gem before 3.2.5 in Ruby before 2.6.7, 2.7.x before 2.7.3, and 3.x before 3.0.1 does not properly address XML round-trip issues. An incorrect document can be produced after parsing and serializing.
Remediation
References
Related Vulnerabilities
WordPress Improper Authentication Vulnerability (CVE-2008-1930)
Perl Out-of-bounds Write Vulnerability (CVE-2018-6913)
WordPress Plugin Captcha by BestWebSoft Multiple Cross-Site Scripting Vulnerabilities (4.1.5)
Sqlite Permissions, Privileges, and Access Controls Vulnerability (CVE-2015-6607)
MediaWiki Exposure of Resource to Wrong Sphere Vulnerability (CVE-2021-31554)