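# Reports CVE-2016-6316: `content_tag` in affected Rails releases does not
# escape double quotes in attribute values, so attacker-controlled attribute
# content can break out of the attribute (XSS).
#
# Only fires when the `cve_2016_6316?` helper (defined elsewhere) says the
# app is in scope. Confidence is :high when the scan actually saw
# `content_tag` calls (@content_tags), :medium when only the Rails version
# is known to be affected. No parameters; emits a warning as a side effect
# and returns nil when nothing is reported.
def check_cve_2016_6316
  return unless cve_2016_6316?

  confidence = @content_tags.any? ? :high : :medium

  # Patched release to recommend for the detected version. Each vulnerable
  # series got its own point release for this advisory.
  fix_version = case
                when version_between?("3.0.0", "3.2.22.3")
                  "3.2.22.4"
                when version_between?("4.0.0", "4.2.7.0")
                  "4.2.7.1"
                when version_between?("5.0.0", "5.0.0")
                  "5.0.0.1"
                # Version unknown (no Gemfile.lock etc.) but the user told us
                # the major series: assume the worst and still report, since
                # silently skipping would hide a known XSS.
                when version.nil? && tracker.options[:rails3]
                  "3.2.22.4"
                when version.nil? && tracker.options[:rails4]
                  # Must match the patched release used for the explicit 4.x
                  # range above; the previous "4.2.7.2" pointed at a release
                  # that differs from it.
                  "4.2.7.1"
                end

  # Unaffected or unrecognised version: nothing to report.
  return unless fix_version

  warn :warning_type => "Cross-Site Scripting",
       :warning_code => :CVE_2016_6316,
       :message => msg(msg_version(rails_version), " ", msg_code("content_tag"), " does not escape double quotes in attribute values ", msg_cve("CVE-2016-6316"), ". Upgrade to ", msg_version(fix_version)),
       :confidence => confidence,
       :gem_info => gemfile_or_environment,
       :link_path => "https://groups.google.com/d/msg/ruby-security-ann/8B2iV2tPRSE/JkjCJkSoCgAJ"
end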