Ruby on Rails CVE-2013-0155 Unsafe SQL Query Generation Vulnerability
Ruby on Rails is prone to an unsafe SQL query generation vulnerability.
Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
The vulnerability is fixed in the following versions:
Ruby on Rails 3.0.19 , 3.1.10, and 3.2.11.