Ruby on Rails Active Record CVE-2012-2695 SQL Injection Vulnerability

Ruby on Rails is prone to an SQL-injection vulnerability.

Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

The vulnerability is fixed in the following versions:

Ruby on Rails 3.0.14, 3.1.6 and 3.2.6.


Privacy Statement
Copyright 2010, SecurityFocus