CVE-2014-0081

Published: Feb 20, 2014Modified: Apr 29, 2026

4.3

Vector

AV:N/AC:M/Au:N/C:N/I:P/A:N

Exploitability: 8.6 / Impact: 2.9

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in actionview/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.17, 4.0.x before 4.0.3, and 4.1.x before 4.1.0.beta2 allow remote attackers to inject arbitrary web script or HTML via the (1) format, (2) negative_format, or (3) units parameter to the (a) number_to_currency, (b) number_to_percentage, or (c) number_to_human helper.

Affected (186)

Products: Rubyonrails: Rails, Ruby On Rails · Opensuse: Opensuse · Opensuse Project: Opensuse · +1 more

Show all products

Rubyonrails: Rails, Ruby On Rails · Opensuse: Opensuse · Opensuse Project: Opensuse · Redhat: Cloudforms, Enterprise Linux

2 products

1 product

1 product

2 products

Configuration A

182 vulnerable

Vulnerable Software	Affected Versions
Rubyonrails Rails	Version 0.10.0
Rubyonrails Rails	Version 0.10.1
Rubyonrails Rails	Version 0.11.0
Rubyonrails Rails	Version 0.11.1
Rubyonrails Rails	Version 0.12.0
Rubyonrails Rails	Version 0.12.1
Rubyonrails Rails	Version 0.13.0
Rubyonrails Rails	Version 0.13.1
Rubyonrails Rails	Version 0.14.1
Rubyonrails Rails	Version 0.14.2
Rubyonrails Rails	Version 0.14.3
Rubyonrails Rails	Version 0.14.4
Rubyonrails Rails	Version 0.9.1
Rubyonrails Rails	Version 0.9.2
Rubyonrails Rails	Version 0.9.3
Rubyonrails Rails	Version 0.9.4.1
Rubyonrails Rails	Version 0.9.4
Rubyonrails Rails	Version 1.0.0
Rubyonrails Rails	Version 1.1.0
Rubyonrails Rails	Version 1.1.1
Rubyonrails Rails	Version 1.1.2
Rubyonrails Rails	Version 1.1.3
Rubyonrails Rails	Version 1.1.4
Rubyonrails Rails	Version 1.1.5
Rubyonrails Rails	Version 1.1.6
Rubyonrails Rails	Version 1.2.0
Rubyonrails Rails	Version 1.2.1
Rubyonrails Rails	Version 1.2.2
Rubyonrails Rails	Version 1.2.3
Rubyonrails Rails	Version 1.2.4
Rubyonrails Rails	Version 1.2.5
Rubyonrails Rails	Version 1.2.6
Rubyonrails Rails	Version 1.9.5
Rubyonrails Rails	Version 2.0.0
Rubyonrails Rails	Version 2.0.0 rc1
Rubyonrails Rails	Version 2.0.0 rc2
Rubyonrails Rails	Version 2.0.1
Rubyonrails Rails	Version 2.0.2
Rubyonrails Rails	Version 2.0.4
Rubyonrails Rails	Version 2.1.0
Rubyonrails Rails	Version 2.1.1
Rubyonrails Rails	Version 2.1.2
Rubyonrails Rails	Version 2.2.0
Rubyonrails Rails	Version 2.2.1
Rubyonrails Rails	Version 2.2.2
Rubyonrails Rails	Version 2.3.0
Rubyonrails Rails	Version 2.3.10
Rubyonrails Rails	Version 2.3.11
Rubyonrails Rails	Version 2.3.12
Rubyonrails Rails	Version 2.3.13
Rubyonrails Rails	Version 2.3.14
Rubyonrails Rails	Version 2.3.15
Rubyonrails Rails	Version 2.3.16
Rubyonrails Rails	Version 2.3.1
Rubyonrails Rails	Version 2.3.2
Rubyonrails Rails	Version 2.3.3
Rubyonrails Rails	Version 2.3.4
Rubyonrails Rails	Version 2.3.9
Rubyonrails Rails	Version 3.0.0
Rubyonrails Rails	Version 3.0.0 beta2
Rubyonrails Rails	Version 3.0.0 beta3
Rubyonrails Rails	Version 3.0.0 beta4
Rubyonrails Rails	Version 3.0.0 beta
Rubyonrails Rails	Version 3.0.0 rc2
Rubyonrails Rails	Version 3.0.0 rc
Rubyonrails Rails	Version 3.0.10
Rubyonrails Rails	Version 3.0.10 rc1
Rubyonrails Rails	Version 3.0.11
Rubyonrails Rails	Version 3.0.12
Rubyonrails Rails	Version 3.0.12 rc1
Rubyonrails Rails	Version 3.0.13
Rubyonrails Rails	Version 3.0.13 rc1
Rubyonrails Rails	Version 3.0.14
Rubyonrails Rails	Version 3.0.16
Rubyonrails Rails	Version 3.0.17
Rubyonrails Rails	Version 3.0.18
Rubyonrails Rails	Version 3.0.19
Rubyonrails Rails	Version 3.0.1
Rubyonrails Rails	Version 3.0.1 pre
Rubyonrails Rails	Version 3.0.20
Rubyonrails Rails	Version 3.0.2
Rubyonrails Rails	Version 3.0.2 pre
Rubyonrails Rails	Version 3.0.3
Rubyonrails Rails	Version 3.0.4 rc1
Rubyonrails Rails	Version 3.0.5
Rubyonrails Rails	Version 3.0.5 rc1
Rubyonrails Rails	Version 3.0.6
Rubyonrails Rails	Version 3.0.6 rc1
Rubyonrails Rails	Version 3.0.6 rc2
Rubyonrails Rails	Version 3.0.7
Rubyonrails Rails	Version 3.0.7 rc1
Rubyonrails Rails	Version 3.0.7 rc2
Rubyonrails Rails	Version 3.0.8
Rubyonrails Rails	Version 3.0.8 rc1
Rubyonrails Rails	Version 3.0.8 rc2
Rubyonrails Rails	Version 3.0.8 rc3
Rubyonrails Rails	Version 3.0.8 rc4
Rubyonrails Rails	Version 3.0.9
Rubyonrails Rails	Version 3.0.9 rc1
Rubyonrails Rails	Version 3.0.9 rc2
Rubyonrails Rails	Version 3.0.9 rc3
Rubyonrails Rails	Version 3.0.9 rc4
Rubyonrails Rails	Version 3.0.9 rc5
Rubyonrails Rails	Version 3.1.0
Rubyonrails Rails	Version 3.1.0 beta1
Rubyonrails Rails	Version 3.1.0 rc1
Rubyonrails Rails	Version 3.1.0 rc2
Rubyonrails Rails	Version 3.1.0 rc3
Rubyonrails Rails	Version 3.1.0 rc4
Rubyonrails Rails	Version 3.1.0 rc5
Rubyonrails Rails	Version 3.1.0 rc6
Rubyonrails Rails	Version 3.1.0 rc7
Rubyonrails Rails	Version 3.1.0 rc8
Rubyonrails Rails	Version 3.1.10
Rubyonrails Rails	Version 3.1.1
Rubyonrails Rails	Version 3.1.1 rc1
Rubyonrails Rails	Version 3.1.1 rc2
Rubyonrails Rails	Version 3.1.1 rc3
Rubyonrails Rails	Version 3.1.2
Rubyonrails Rails	Version 3.1.2 rc1
Rubyonrails Rails	Version 3.1.2 rc2
Rubyonrails Rails	Version 3.1.3
Rubyonrails Rails	Version 3.1.4
Rubyonrails Rails	Version 3.1.4 rc1
Rubyonrails Rails	Version 3.1.5
Rubyonrails Rails	Version 3.1.5 rc1
Rubyonrails Rails	Version 3.1.6
Rubyonrails Rails	Version 3.1.7
Rubyonrails Rails	Version 3.1.8
Rubyonrails Rails	Version 3.1.9
Rubyonrails Rails	Version 3.2.0
Rubyonrails Rails	Version 3.2.0 rc1
Rubyonrails Rails	Version 3.2.0 rc2
Rubyonrails Rails	Version 3.2.10
Rubyonrails Rails	Version 3.2.11
Rubyonrails Rails	Version 3.2.12
Rubyonrails Rails	Version 3.2.13
Rubyonrails Rails	Version 3.2.13 rc1
Rubyonrails Rails	Version 3.2.13 rc2
Rubyonrails Rails	Version 3.2.15
Rubyonrails Rails	Version 3.2.15 rc3
Rubyonrails Rails	Version 3.2.1
Rubyonrails Rails	Version 3.2.2
Rubyonrails Rails	Version 3.2.2 rc1
Rubyonrails Rails	Version 3.2.3
Rubyonrails Rails	Version 3.2.3 rc1
Rubyonrails Rails	Version 3.2.3 rc2
Rubyonrails Rails	Version 3.2.4
Rubyonrails Rails	Version 3.2.4 rc1
Rubyonrails Rails	Version 3.2.5
Rubyonrails Rails	Version 3.2.6
Rubyonrails Rails	Version 3.2.7
Rubyonrails Rails	Version 3.2.8
Rubyonrails Rails	Version 3.2.9
Rubyonrails Rails	Version 4.0.0
Rubyonrails Rails	Version 4.0.0 beta
Rubyonrails Rails	Version 4.0.0 rc1
Rubyonrails Rails	Version 4.0.0 rc2
Rubyonrails Rails	Version 4.0.1
Rubyonrails Rails	Version 4.0.1 rc1
Rubyonrails Rails	Version 4.0.1 rc2
Rubyonrails Rails	Version 4.0.1 rc3
Rubyonrails Rails	Version 4.0.1 rc4
Rubyonrails Rails	Version 4.0.2
Rubyonrails Rails	Version 4.1.0 beta1
Rubyonrails Ruby On Rails	Up to 3.2.16
Rubyonrails Ruby On Rails	Version 0.5.0
Rubyonrails Ruby On Rails	Version 0.5.5
Rubyonrails Ruby On Rails	Version 0.5.6
Rubyonrails Ruby On Rails	Version 0.5.7
Rubyonrails Ruby On Rails	Version 0.6.0
Rubyonrails Ruby On Rails	Version 0.6.5
Rubyonrails Ruby On Rails	Version 0.7.0
Rubyonrails Ruby On Rails	Version 0.8.0
Rubyonrails Ruby On Rails	Version 0.8.5
Rubyonrails Ruby On Rails	Version 0.9.0
Rubyonrails Ruby On Rails	Version 3.0.4
Rubyonrails Ruby On Rails	Version 3.2.14
Rubyonrails Ruby On Rails	Version 3.2.14 rc1
Rubyonrails Ruby On Rails	Version 3.2.14 rc2
Rubyonrails Ruby On Rails	Version 3.2.15 rc1
Rubyonrails Ruby On Rails	Version 3.2.15 rc2