CVE-2013-6417
The CVE-2013-6417 issue affects Ruby on Rails’ ActionPack (lib/action_dispatch/http/request.rb) where differences in parameter handling between Active Record and the JSON implementation allow remote attackers to bypass database-query restrictions and trigger NULL checks or missing WHERE clauses b...