Description
The sanitize_css method in lib/action_controller/vendor/html-scanner/html/sanitizer.rb in the Action Pack component in Ruby on Rails before 2.3.18, 3.0.x and 3.1.x before 3.1.12, and 3.2.x before 3.2.13 does not properly handle \n (newline) characters, which makes it easier for remote attackers to conduct cross-site scripting (XSS) attacks via crafted Cascading Style Sheets (CSS) token sequences.
Remediation
References
Related Vulnerabilities
WordPress Plugin weForms-Easy Drag & Drop Contact Form Builder For WordPress CSV Injection (1.4.7)
WordPress Plugin WP Google Review Slider SQL Injection (11.7)
WordPress Plugin WP DSGVO Tools (GDPR) PHP Object Injection (2.0.4)
Joomla Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-8057)