CVE-2023-23913

NameCVE-2023-23913
DescriptionThere is a potential DOM based cross-site scripting issue in rails-ujs which leverages the Clipboard API to target HTML elements that are assigned the contenteditable attribute. This has the potential to occur when pasting malicious HTML content from the clipboard that includes a data-method, data-remote or data-disable-with attribute.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
ReferencesDSA-5389-1
Debian Bugs1033263

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
rails (PTS)bullseye (security), bullseye2:6.0.3.7+dfsg-2+deb11u2fixed
bookworm2:6.1.7.3+dfsg-2~deb12u1fixed
sid, trixie2:6.1.7.3+dfsg-13fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
railssourcebullseye2:6.0.3.7+dfsg-2+deb11u2DSA-5389-1
railssource(unstable)2:6.1.7.3+dfsg-11033263

Notes

https://github.com/rails/rails/commit/5037a13614d71727af8a175063bcf6ba1a74bdbd (v6.1.7.3)
https://discuss.rubyonrails.org/t/cve-2023-23913-dom-based-cross-site-scripting-in-rails-ujs-for-contenteditable-html-elements/82468
Search for package or bug name: Reporting problems