OtherCVSS 2.5

Action Text ReDoS (Ruby 3.1 or lower)

hackerone-reports

June 10, 2026

0 views

Save

€0

Vulnerability Summary

HackerOne disclosed report --> https://hackerone.com/reports/2389431 by ooooooo_q

I have found ReDoS in Action Text. However, it does not occur with Ruby 3.2 or later.

https://github.com/rails/rails/blob/v7.1.3.2/actiontext/lib/action_text/plain_text_conversion.rb#L64

      def plain_text_for_blockquote_node(node, index)
        text = plain_text_for_block(node)
        text.sub(/\A(\s*)(.+?)(\s*)\Z/m, '\1“\2”\3')
      end

Identification Required

You must be logged in to read this writeup. Join our community of researchers today.

Sign In Register

Related Writeups

hackerone-reports

DLL side-loading vulnerability in Sony Music Center for PC Ver. 2.7.2 (Latest version)

HackerOne disclosed report --> https://hackerone.com/reports/3355766 by resurrect20

Read Writeup →

hackerone-reports

HMAC signature verification omits endpoint and payload allowing request forgery on CoinMate API

HackerOne disclosed report --> https://hackerone.com/reports/3670955 by glferreira-devsecops

Read Writeup →

hackerone-reports

LogicalBreach Academy

Action Text ReDoS (Ruby 3.1 or lower)

Identification Required

Related Writeups

DLL side-loading vulnerability in Sony Music Center for PC Ver. 2.7.2 (Latest version)

HMAC signature verification omits endpoint and payload allowing request forgery on CoinMate API

Critical Deadlock Vulnerability in Monero RPC Leading to Complete Node Paralysis

Discussion