Ruby on Rails Multiple Vulnerabilities

Ruby on Rails is prone to multiple vulnerabilities, including SQL-injection, information-disclosure, HTTP header-injection, security-bypass, and cross-site scripting issues.

Exploiting these issues can allow attackers to manipulate data, disclose sensitive information, inject arbitary HTTP headers, execute arbitrary script code, and bypass certain security restrictions.

Ruby on Rails versions prior to 2.3.13 and 3.0.10 are affected.


Privacy Statement
Copyright 2010, SecurityFocus