{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-26T11:56:25.770","vulnerabilities":[{"cve":{"id":"CVE-2012-1098","sourceIdentifier":"secalert@redhat.com","published":"2012-03-13T10:55:01.213","lastModified":"2025-04-11T00:51:21.963","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving a SafeBuffer object that is manipulated through certain methods."},{"lang":"es","value":"Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en Ruby on Rails 3.0.x anteriores a 3.0.12, 3.1.x anteriores a 3.1.4, y 3.2.x anterioes a 3.2.2 permite a atacantes remotos inyectar codigo de script web o código HTML de su elección a través de vectores que involucran un objeto SafeBuffer que es manipulado a través de determinados métodos."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:N/I:P/A:N","baseScore":4.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"NONE","integrityImpact":"PARTIAL","availabilityImpact":"NONE"},"baseSeverity":"MEDIUM","exploitabilityScore":8.6,"impactScore":2.9,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-79"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.0:*:*:*:*:*:*:*","matchCriteriaId":"E3BE7DFE-BA20-434B-A1DE-AD038B255C60"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta:*:*:*:*:*:*","matchCriteriaId":"DCEE5B21-C990-4705-8239-0D7B29DAEDA1"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta2:*:*:*:*:*:*","matchCriteriaId":"65EE33B1-B079-4CDE-B9C2-F1613A4610DC"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta3:*:*:*:*:*:*","matchCriteriaId":"5CAAA20B-824F-4448-99DC-9712FE628073"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.0:beta4:*:*:*:*:*:*","matchCriteriaId":"D2BEBDFB-0F30-454A-B74C-F820C9D2708B"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.0:rc:*:*:*:*:*:*","matchCriteriaId":"1D7CD8C1-95D1-477E-AD96-6582EC33BA01"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.0:rc2:*:*:*:*:*:*","matchCriteriaId":"B6F00D98-3D0F-40AF-AE4F-090B1E6B660C"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.1:*:*:*:*:*:*:*","matchCriteriaId":"9476CE55-69C0-45D3-B723-6F459C90BF05"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.1:pre:*:*:*:*:*:*","matchCriteriaId":"486F5BA6-BCF7-4691-9754-19D364B4438D"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.2:*:*:*:*:*:*:*","matchCriteriaId":"112FC73B-A8BC-4EEA-9F4B-CCE685EF2838"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.2:pre:*:*:*:*:*:*","matchCriteriaId":"E4498383-6FCA-4E17-A1FD-B0CE7EE50F85"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.3:*:*:*:*:*:*:*","matchCriteriaId":"D26565B1-2BA6-4A3C-9264-7FC9A1820B59"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.4:rc1:*:*:*:*:*:*","matchCriteriaId":"644EF85E-6D3E-4F5C-96B0-49AD2A2D90CE"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.5:*:*:*:*:*:*:*","matchCriteriaId":"392E2D58-CB39-4832-B4D9-9C2E23B8E14C"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.5:rc1:*:*:*:*:*:*","matchCriteriaId":"1F2466EA-7039-46A1-B4A3-8DACD1953A59"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.6:*:*:*:*:*:*:*","matchCriteriaId":"0CAB4E72-0A15-4B26-9B69-074C278568D6"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.6:rc1:*:*:*:*:*:*","matchCriteriaId":"A085E105-9375-440A-80CB-9B23E6D7EB4A"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.6:rc2:*:*:*:*:*:*","matchCriteriaId":"25911E48-C5D7-4ED8-B4DB-7523A74CCF49"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.7:*:*:*:*:*:*:*","matchCriteriaId":"FE6EC1E5-3A4A-4751-9F77-28EF5AF681E3"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.7:rc1:*:*:*:*:*:*","matchCriteriaId":"B29674E3-CC80-446B-9A43-82594AE7A058"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.7:rc2:*:*:*:*:*:*","matchCriteriaId":"FF34D8CB-2B6D-4CB8-A206-108293BCFFE7"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.8:*:*:*:*:*:*:*","matchCriteriaId":"8E5187F6-E3AC-4E0D-B1D0-83DE76C20A4B"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc1:*:*:*:*:*:*","matchCriteriaId":"272268EE-E3E8-4683-B679-55D748877A7E"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc2:*:*:*:*:*:*","matchCriteriaId":"7B69FD33-61FE-4F10-BBE1-215F59035D30"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc3:*:*:*:*:*:*","matchCriteriaId":"08D7CB5D-82EF-4A24-A792-938FAB40863D"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.8:rc4:*:*:*:*:*:*","matchCriteriaId":"8A044B21-47D5-468D-AF4A-06B3B5CC0824"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.9:*:*:*:*:*:*:*","matchCriteriaId":"2196F3D0-532A-40F9-843A-1DFBC8B63FDC"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc1:*:*:*:*:*:*","matchCriteriaId":"CBEDA932-6CB5-438C-94E4-824732A91BE0"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc2:*:*:*:*:*:*","matchCriteriaId":"903E5524-5E45-48CE-A804-EDAEBE3A79AD"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc3:*:*:*:*:*:*","matchCriteriaId":"08534AF2-F94E-4FB6-A572-4FB9827276D4"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc4:*:*:*:*:*:*","matchCriteriaId":"29E3B4A6-1346-4358-B7BC-84D00ED3ABBE"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.9:rc5:*:*:*:*:*:*","matchCriteriaId":"B52D7A6B-DD93-45F0-9186-18ABEFF28DF4"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.10:*:*:*:*:*:*:*","matchCriteriaId":"1F07C641-48DF-43BE-9EB5-72B337C54846"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.10:rc1:*:*:*:*:*:*","matchCriteriaId":"A1CB1B12-99F5-430F-AE19-9A95C17FA123"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.11:*:*:*:*:*:*:*","matchCriteriaId":"D1A7C449-8F9A-4CE5-9C3D-375996BFAEE3"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.0.12:rc1:*:*:*:*:*:*","matchCriteriaId":"FE331D6D-99BA-4369-AD8B-B556DEE4955F"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:ruby_on_rails:3.0.4:*:*:*:*:*:*:*","matchCriteriaId":"224BD488-0D7E-4F8B-9012-DE872DEB544C"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.0:*:*:*:*:*:*:*","matchCriteriaId":"DB51F3E9-4899-49A9-9E7B-0DCA92A91DD8"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.0:beta1:*:*:*:*:*:*","matchCriteriaId":"F884F2F4-94F3-46CB-860B-1BCC0EEF408A"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc1:*:*:*:*:*:*","matchCriteriaId":"88DFBB48-1C29-4639-9369-F5B413CA2337"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc2:*:*:*:*:*:*","matchCriteriaId":"D37696D7-BEE6-4587-9E33-A7FE24780409"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc3:*:*:*:*:*:*","matchCriteriaId":"E95B5D44-0C8D-47BC-A89D-48A5BDEB84F4"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc4:*:*:*:*:*:*","matchCriteriaId":"1DFDAF6A-76AA-436F-A4F3-DA69892DE2B8"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc5:*:*:*:*:*:*","matchCriteriaId":"D3172982-3FA4-427F-BE3E-2321D804E49D"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc6:*:*:*:*:*:*","matchCriteriaId":"FD6EC85B-F092-48FF-966A-96B9227C8656"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc7:*:*:*:*:*:*","matchCriteriaId":"9000F3C1-57A0-474C-9C82-E58688F29838"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.0:rc8:*:*:*:*:*:*","matchCriteriaId":"6E55E42E-AB6A-4E47-AC69-DFDAEB0A8735"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.1:*:*:*:*:*:*:*","matchCriteriaId":"A42F4E7A-6F6A-485C-8D30-95F3B0285922"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc1:*:*:*:*:*:*","matchCriteriaId":"30B9C0CB-F6E6-4233-84E4-D6E69104DD73"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc2:*:*:*:*:*:*","matchCriteriaId":"84309CC7-A8B7-4ADB-AEA1-964DA5F7B0E0"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.1:rc3:*:*:*:*:*:*","matchCriteriaId":"5343241F-274D-45FF-97C7-2BC2E920BAF0"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.2:*:*:*:*:*:*:*","matchCriteriaId":"FED122B8-AF4C-4C48-B1E5-54F4A7A31A53"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.2:rc1:*:*:*:*:*:*","matchCriteriaId":"157ACCAD-0FB8-4CC9-9DFB-70835DE6506C"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.2:rc2:*:*:*:*:*:*","matchCriteriaId":"3E50ACF6-7277-4C9A-B42A-E7EFDC317691"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.3:*:*:*:*:*:*:*","matchCriteriaId":"C191DC2B-1EC3-48E0-A586-867E6EE4431C"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.1.4:rc1:*:*:*:*:*:*","matchCriteriaId":"B4BC41E8-FEDA-4C31-B479-D49A59FC4D63"}]}]},{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.2.0:*:*:*:*:*:*:*","matchCriteriaId":"2816C02C-E13E-4367-91F3-14756A90EC9E"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.2.0:rc1:*:*:*:*:*:*","matchCriteriaId":"E82AF7C7-B725-40EF-8EE3-18F8E7FAEB29"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.2.0:rc2:*:*:*:*:*:*","matchCriteriaId":"1AE674DE-65DB-437E-A034-A2EE5C584B33"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.2.1:*:*:*:*:*:*:*","matchCriteriaId":"0524F3E3-BAD7-4CD3-A6E7-74CFBE4B46E6"},{"vulnerable":true,"criteria":"cpe:2.3:a:rubyonrails:rails:3.2.2:rc1:*:*:*:*:*:*","matchCriteriaId":"EB32713D-FE64-445E-872E-B4678C243AB1"}]}]}],"references":[{"url":"http://groups.google.com/group/rubyonrails-security/msg/1c2e01a5e42722c9?dmode=source&output=gplain","source":"secalert@redhat.com"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075675.html","source":"secalert@redhat.com"},{"url":"http://weblog.rubyonrails.org/2012/3/1/ann-rails-3-0-12-has-been-released","source":"secalert@redhat.com"},{"url":"http://www.openwall.com/lists/oss-security/2012/03/02/6","source":"secalert@redhat.com"},{"url":"http://www.openwall.com/lists/oss-security/2012/03/03/1","source":"secalert@redhat.com"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=799275","source":"secalert@redhat.com"},{"url":"http://groups.google.com/group/rubyonrails-security/msg/1c2e01a5e42722c9?dmode=source&output=gplain","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://lists.fedoraproject.org/pipermail/package-announce/2012-March/075675.html","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://weblog.rubyonrails.org/2012/3/1/ann-rails-3-0-12-has-been-released","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2012/03/02/6","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.openwall.com/lists/oss-security/2012/03/03/1","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=799275","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}