Ruby on Rails CVE-2013-0155 Unsafe SQL Query Generation Vulnerability

Ruby on Rails is prone to an unsafe SQL query generation vulnerability.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

The vulnerability is fixed in the following versions:

Ruby on Rails 3.0.19 , 3.1.10, and 3.2.11.


 

Privacy Statement
Copyright 2010, SecurityFocus