rubygem-rails -- JSON XSS vulnerability

ID 44FB0302-9D38-11DC-9114-001C2514716C
Type freebsd
Reporter FreeBSD
Modified 2007-12-01T00:00:00


Rails core team reports:

All users of Rails 1.2.4 or earlier are advised to upgrade to 1.2.5, though it isn't strictly necessary if you aren't working with JSON. For more information the JSON vulnerability, see CVE-2007-3227.