11 matches found
Gentoo Security Advisory GLSA 200711-17 (rails)
The remote host is missing updates announced in advisory GLSA 200711-17. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Gentoo Security Advisory GLSA 200711-17 (rails)
The remote host is missing updates announced in advisory GLSA 200711-17. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
FreeBSD Ports: rubygem-rails
The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
FreeBSD Ports: rubygem-rails
The remote host is missing an update to the system as announced in the referenced advisory. VID 44fb0302-9d38-11dc-9114-001c2514716c OpenVAS Vulnerability Test $ Description: Auto generated from vuxml or freebsd advisories Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc...
[ GLSA 200711-17 ] Ruby on Rails: Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 200711-17 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - -...
openSUSE 10 Security Update : rubygem-activesupport (rubygem-activesupport-4568)
A cross site scripting XSS bug allowed attackers to execute JavaScript code in the context of other websites CVE-2007-3227. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update...
rubygem-rails -- JSON XSS vulnerability
Rails core team reports: All users of Rails 1.2.4 or earlier are advised to upgrade to 1.2.5, though it isn't strictly necessary if you aren't working with JSON. For more information the JSON vulnerability, see CVE-2007-3227...
CVE-2007-3227
Cross-site scripting XSS vulnerability in the tojson ActiveRecord::Basetojson function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...
CVE-2007-3227
Cross-site scripting XSS vulnerability in the tojson ActiveRecord::Basetojson function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...
CVE-2007-3227
The CVE-2007-3227 entry describes a Cross-site scripting (XSS) vulnerability in Rails: the to_json (ActiveRecord::Base#to_json) function allows injecting arbitrary script via input values. Affected software is Ruby on Rails prior to the edge 9606 release; exploitation could occur remotely through...
CVE-2007-3227
Cross-site scripting XSS vulnerability in the tojson ActiveRecord::Basetojson function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values...