rubygem-rack: percent-encoded cookies can be used to overwrite existing prefixed cookie names
A flaw was found in rubygem-rack. An attacker may be able to trick a vulnerable application into processing an insecure non-SSL or cross-origin request if they can gain the ability to write arbitrary cookies that are sent to the application. The highest threat from this vulnerability is to data...