Ruby on Rails 'WEBrick::HTTPRequest' Module HTTP Header Injection Vulnerability

Ruby on Rails is prone to an HTTP header injection vulnerability: the 'WEBrick::HTTPRequest' module does not sufficiently sanitize input, allowing attackers to inject arbitrary content into the 'X-Forwarded-For', 'X-Forwarded-Host' and 'X-Forwarded-Server' HTTP headers.

By inserting arbitrary data into the affected HTTP header fields, attackers may be able to launch cross-site request forgery, cross-site scripting, HTML injection, and other attacks.

NOTE: This issue only affects requests sent from clients on the same subnet as the server.

Ruby on Rails 3.0.5 is vulnerable; other versions may also be affected.
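A defensive check for the three headers named above, written as an added example rather than code from Rails or WEBrick: a hypothetical helper that validates 'X-Forwarded-For' as a comma-separated list of IP addresses and 'X-Forwarded-Host'/'X-Forwarded-Server' against an allowlist of hostnames (the allowlist and the Rack-style `env` keys are assumptions), dropping any header whose value carries control characters or unexpected content before the application trusts it.

```ruby
require 'ipaddr'

# Hypothetical hardening helper (added example, not Rails/WEBrick code).
# Drops forwarded headers whose values are not what a proxy would set,
# so downstream code (host resolution, redirects, logging) never sees
# injected data such as embedded CR/LF or markup.
module ForwardedHeaderGuard
  # Hostname with optional port, no whitespace or control characters.
  HOST_RE = /\A[a-z0-9]([a-z0-9\-]{0,61}[a-z0-9])?(\.[a-z0-9]([a-z0-9\-]{0,61}[a-z0-9])?)*(:\d{1,5})?\z/i
  CONTROL_RE = /[\r\n\x00-\x1f\x7f]/

  # X-Forwarded-For: every comma-separated element must parse as an IP.
  # IPAddr.new does no DNS lookup, so non-IP junk simply raises.
  def self.valid_ip_list?(value)
    return false if value.nil? || value.empty? || value.match?(CONTROL_RE)
    value.split(",").all? do |part|
      part = part.strip
      next false if part.empty? || part.include?("/") # no CIDR masks in XFF
      begin
        IPAddr.new(part)
        true
      rescue ArgumentError # covers IPAddr::InvalidAddressError
        false
      end
    end
  end

  # X-Forwarded-Host / X-Forwarded-Server: syntactically a hostname and
  # present (without port) in the application's allowlist (assumption).
  def self.valid_host?(value, allowed_hosts)
    return false if value.nil? || value.match?(CONTROL_RE) || value.match?(/\s/)
    return false unless value.match?(HOST_RE)
    allowed_hosts.include?(value.sub(/:\d+\z/, "").downcase)
  end

  # Returns a copy of the Rack env with untrusted forwarded headers removed.
  def self.sanitize(env, allowed_hosts)
    env = env.dup
    env.delete("HTTP_X_FORWARDED_FOR") unless valid_ip_list?(env["HTTP_X_FORWARDED_FOR"])
    %w[HTTP_X_FORWARDED_HOST HTTP_X_FORWARDED_SERVER].each do |key|
      env.delete(key) unless valid_host?(env[key], allowed_hosts)
    end
    env
  end
end
```

Mounted in front of the application (for example as a Rack middleware calling `sanitize` on each request), this leaves only proxy-shaped values in the forwarded headers; a rejected header is a useful signal to log.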

Copyright 2010, SecurityFocus