activesupport is vulnerable to Cross-site Scripting (XSS). The vulnerability exists in output_safety.rb: when the new bytesplice method (added to String in Ruby 3.2) is called on a SafeBuffer with untrusted user input, the html_safe flag is not cleared after the buffer is mutated, so the spliced-in content is rendered without escaping. This allows an attacker who controls the value passed to bytesplice to inject and execute malicious JavaScript in the page. Applications are only exposed where they call bytesplice on an html_safe buffer with attacker-controlled data; the other mutating methods SafeBuffer already intercepts are not affected.
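The following is an added illustration, not code from ActiveSupport or from the advisory. It uses a deliberately simplified stand-in for SafeBuffer (the classes ModelSafeBuffer and HardenedSafeBuffer, the render helper and the USER_INPUT string are all assumptions constructed for this example) to show the mechanism: a String subclass carries an html_safe flag and escapes the argument of the mutators it knows about, but a mutator missing from that list (bytesplice) writes raw bytes into the buffer while the flag stays set, so the view layer emits the payload verbatim. The hardened subclass intercepts bytesplice the same way the model already intercepts concat. String#bytesplice exists only on Ruby 3.2 and later, so the splice demonstrations are skipped on older interpreters.

```ruby
require "erb"

# Simplified model of a safe-buffer string (assumption: not ActiveSupport's
# real SafeBuffer). A buffer flagged html_safe is emitted by the view layer
# verbatim; anything else is HTML-escaped at render time.
class ModelSafeBuffer < String
  def initialize(str = "")
    @html_safe = true
    super(str.to_s)
  end

  def html_safe?
    @html_safe
  end

  # Escape an interpolated argument unless it is itself an html_safe buffer.
  def implicit_escape(arg)
    if arg.respond_to?(:html_safe?) && arg.html_safe?
      arg.to_str
    else
      ERB::Util.html_escape(arg.to_s)
    end
  end
  private :implicit_escape

  # Mutators the model knows about: the inserted value is escaped first.
  def concat(value)
    super(implicit_escape(value))
  end
  alias << concat

  def insert(index, value)
    super(index, implicit_escape(value))
  end

  # NOTE: no override for bytesplice. Calling it falls through to
  # String#bytesplice, which mutates the bytes while @html_safe stays true.
end

# Hardened variant: treat bytesplice like the other interpolating mutators
# and escape the spliced-in value unless it is already html_safe.
class HardenedSafeBuffer < ModelSafeBuffer
  def bytesplice(index, length, value)
    super(index, length, implicit_escape(value))
  end
end

# Stand-in for the view layer's output step (assumption).
def render(buffer)
  buffer.html_safe? ? String.new(buffer) : ERB::Util.html_escape(String.new(buffer))
end

# Constructed attacker-controlled input.
USER_INPUT = "<script>alert(1)</script>".freeze

# Vulnerable path: bytesplice is not intercepted, the buffer keeps its
# html_safe flag, and render emits the script tag unescaped.
def vulnerable_splice(input)
  buf = ModelSafeBuffer.new("<b>bold</b>")
  buf.bytesplice(0, 3, input) # replaces the leading "<b>" with raw input
  render(buf)
end

# Hardened path: same call, but the spliced value is escaped on the way in.
def hardened_splice(input)
  buf = HardenedSafeBuffer.new("<b>bold</b>")
  buf.bytesplice(0, 3, input)
  render(buf)
end

# Control: a mutator the model already intercepts escapes the input.
def guarded_concat(input)
  buf = ModelSafeBuffer.new("<b>bold</b>")
  buf << input
  render(buf)
end

if __FILE__ == $0
  puts "concat     : #{guarded_concat(USER_INPUT)}"
  if String.method_defined?(:bytesplice)
    puts "bytesplice : #{vulnerable_splice(USER_INPUT)}"
    puts "hardened   : #{hardened_splice(USER_INPUT)}"
  else
    puts "bytesplice : skipped (needs Ruby >= 3.2)"
  end
end
```

The defect is not in bytesplice itself but in the assumption that every mutator of the buffer has been enumerated; any new String mutator added by a Ruby release reopens the same gap until the subclass intercepts it, so a list of escaped mutators needs to be re-checked against each new Ruby version.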