Ruby on Rails 'number_to_currency' Helper Cross Site Scripting Vulnerability

Bugtraq ID: 64077
Class: Input Validation Error
CVE: CVE-2013-6415
Remote: Yes
Local: No
Published: Dec 04 2013 12:00AM
Updated: Jun 10 2014 12:02AM
Credit: Ankit Gupta
Vulnerable: Ruby on Rails Ruby on Rails 3.2.4
Ruby on Rails Ruby on Rails 3.2.2
Ruby on Rails Ruby on Rails 3.1.5
Ruby on Rails Ruby on Rails 3.1.4
Ruby on Rails Ruby on Rails 3.1.2
Ruby on Rails Ruby on Rails 3.0.6
Ruby on Rails Ruby on Rails 3.0.8
Ruby on Rails Ruby on Rails 3.0.7
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus