A flaw was found in rubygem-actionview. Views that use the j
or escape_javascript
methods may be susceptible to XSS attacks with ActionView’s JavaScript literal escape helpers. The highest threat from this vulnerability is to data confidentiality and integrity.