• info
• discussion
• exploit
• solution
• references

Ruby on Rails CVE-2012-3464 Cross Site Scripting Vulnerability

To exploit this issue, an attacker must entice an unsuspecting victim to follow a malicious URI.