ruby: Cookie prefix spoofing in CGI::Cookie.parse
A flaw was found in Ruby. RubyGems cgi gem could allow a remote attacker to conduct spoofing attacks caused by the mishandling of security prefixes in cookie names in the CGI::Cookie.parse function. By sending a specially-crafted request, an attacker could perform cookie prefix spoofing attacks...