rubygem-actionview: views that use the `j` or `escape_javascript` methods are susceptible to XSS attacks
A flaw was found in rubygem-actionview. Views that use the j or escapejavascript methods may be susceptible to XSS attacks with ActionView's JavaScript literal escape helpers. The highest threat from this vulnerability is to data confidentiality and integrity...