JSON 'ActiveSupport::JSON.encode()' Function Cross Site Scripting Vulnerability

Bugtraq ID: 75231
Class: Input Validation Error
CVE: CVE-2015-3226
Remote: Yes
Local: No
Published: Jun 17 2015 12:00AM
Updated: Jul 05 2016 09:35PM
Credit: Francois Chagnon of Shopify
Vulnerable: Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus