# File lib/brakeman/checks/check_strip_tags.rb, line 66
  def cve_2015_7579
    if tracker.config.gem_version('rails-html-sanitizer''rails-html-sanitizer') == '1.0.2'
      if uses_strip_tags?
        confidence = :high
      else
        confidence = :medium
      end

      message = msg(msg_version("1.0.2", "rails-html-sanitizer"), " is vulnerable (CVE-2015-7579). Upgrade to ", msg_version("1.0.3", "rails-html-sanitizer"))

      warn :warning_type => "Cross-Site Scripting",
        :warning_code => :CVE_2015_7579,
        :message => message,
        :confidence => confidence,
        :gem_info => gemfile_or_environment("rails-html-sanitizer""rails-html-sanitizer"),
        :link_path => "https://groups.google.com/d/msg/rubyonrails-security/OU9ugTZcbjc/PjEP46pbFQAJ"

    end
  end