rubygem-rails -- JSON XSS vulnerability

2007-10-12T00:00:00
ID 44FB0302-9D38-11DC-9114-001C2514716C
Type freebsd
Reporter FreeBSD
Modified 2007-12-01T00:00:00

Description

Rails core team reports:

All users of Rails 1.2.4 or earlier are advised to upgrade to 1.2.5, though it isn't strictly necessary if you aren't working with JSON. For more information the JSON vulnerability, see CVE-2007-3227.