info
discussion
exploit
solution
references
Ruby on Rails To_JSON Script Injection Vulnerability
Attackers can use a browser to exploit this issue.
Sample exploit code is available:
/data/vulnerabilities/exploits/json_xss.tgz
Privacy Statement
Copyright 2010, SecurityFocus
