logo
DATABASE RESOURCES PRICING ABOUT US

Reflective XSS Vulnerability in Ruby on Rails

Description

There is a vulnerability in the internationalization component of Ruby on Rails. Under certain common configurations an attacker can provide specially crafted input which will execute a reflective XSS attack. The root cause of this issue is a vulnerability in the i18n gem which has been assigned the identifier CVE-2013-4492.


Affected Software


CPE Name Name Version
actionpack 3.2.15
actionpack 3.3.0
actionpack 4.0.2

Related