FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

rubygem-rails -- multiple vulnerabilities

Affected packages
rubygem-rails < 3.0.10

Details

VuXML ID be77eff6-ca91-11e0-aea3-00215c6a37bb
Discovery 2011-08-16
Entry 2011-08-19

SecurityFocus reports:

Ruby on Rails is prone to multiple vulnerabilities including SQL-injection, information-disclosure, HTTP-header-injection, security-bypass and cross-site scripting issues.

References

Bugtraq ID 49179
URL http://groups.google.com/group/rubyonrails-security/browse_thread/thread/2b9130749b74ea12
URL http://groups.google.com/group/rubyonrails-security/browse_thread/thread/3420ac71aed312d6
URL http://groups.google.com/group/rubyonrails-security/browse_thread/thread/56bffb5923ab1195
URL http://groups.google.com/group/rubyonrails-security/browse_thread/thread/6a1e473744bc389b
URL http://groups.google.com/group/rubyonrails-security/browse_thread/thread/6ffc93bde0298768