logo
DATABASE RESOURCES PRICING ABOUT US

FreeBSD : Rails 4 -- Possible XSS Vulnerability in Action View (43f1c867-654a-11e6-8286-00248c0c745d)

Description

Ruby Security team reports : There is a possible XSS vulnerability in Action View. Text declared as 'HTML safe' will not have quotes escaped when used as attribute values in tag helpers. This vulnerability has been assigned the CVE identifier CVE-2016-6316.


Related