There is a vulnerability in the internationalization component of Ruby on
Rails. Under certain common configurations an attacker can provide specially
crafted input which will execute a reflective XSS attack.
The root cause of this issue is a vulnerability in the i18n gem which has
been assigned the identifier CVE-2013-4492.
CPE | Name | Operator | Version |
---|---|---|---|
actionpack | le | 3.2.15 | |
actionpack | ge | 3.3.0 | |
actionpack | lt | 4.0.2 |