|
|
Log in / Subscribe / Register

rails: missing input sanitizing

Package(s):rails CVE #(s):CVE-2009-3009
Created:September 15, 2009 Updated:December 21, 2009
Description: From the Debian advisory: Brian Mastenbrook discovered that rails, the MVC ruby based framework geared for web application development, is prone to cross-site scripting attacks via malformed strings in the form helper.
Alerts:
Gentoo 200912-02 rails 2009-12-20
Fedora FEDORA-2009-12966 rubygem-actionpack 2009-12-10
Fedora FEDORA-2009-9799 rubygem-actionpack 2009-09-24
Fedora FEDORA-2009-9922 rubygem-activesupport 2009-09-25
Fedora FEDORA-2009-9922 rubygem-actionpack 2009-09-25
Fedora FEDORA-2009-9799 rubygem-activesupport 2009-09-24
Debian DSA-1887-1 rails 2009-09-15
SuSE SUSE-SR:2009:017 php5, newt, rubygem-actionpack, rubygem-activesupport, java-1_4_2-ibm, postgresql, samba, phpMyAdmin, viewvc 2009-10-26
Fedora FEDORA-2009-10484 rubygem-rails 2009-10-14
Fedora FEDORA-2009-10484 rubygem-activeresource 2009-10-14
Fedora FEDORA-2009-10484 rubygem-activesupport 2009-10-14
Fedora FEDORA-2009-10484 rubygem-activerecord 2009-10-14
Fedora FEDORA-2009-10484 rubygem-actionpack 2009-10-14
Fedora FEDORA-2009-10484 rubygem-actionmailer 2009-10-14
to post comments


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds