stable

rubygem-actionpack-2.1.1-3.el5 and rubygem-activesupport-2.1.1-2.el5

FEDORA-EPEL-2009-0500 created by mtasaka 15 years ago for Fedora EPEL 5

A vulnerability was found in Ruby on Rails in the escaping code for the form helpers; it also affects the RPMs shipped by the Fedora Project. Attackers who can inject deliberately malformed Unicode strings into the form helpers can defeat the escaping checks and inject arbitrary HTML. This issue has been assigned CVE-2009-3009.

These new RPMs fix this issue.
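As an added illustration of the defensive idea (this is not code from Rails, from the fixed packages, or from this advisory), the Ruby sketch below replaces malformed UTF-8 byte sequences before HTML-escaping an untrusted form value, and records the rejected bytes for logging. The helper name `prepare_for_html`, the `Prepared` struct and the sample inputs are hypothetical and constructed for the example; the advisory does not describe how the upstream fix works.

```ruby
require 'cgi'

# Result of preparing one untrusted value for output in a form field.
Prepared = Struct.new(:html, :rejected_bytes)

# Hypothetical helper, not part of Rails: treat the input as UTF-8, replace
# every malformed byte sequence with U+FFFD, then HTML-escape the result.
def prepare_for_html(raw)
  text = raw.to_s.dup.force_encoding(Encoding::UTF_8)
  rejected = []
  clean = text.scrub do |bad|
    rejected << bad.unpack('H*').first # hex of the bad bytes, for logging
    "\uFFFD"
  end
  Prepared.new(CGI.escapeHTML(clean), rejected)
end

# Constructed samples: a truncated three-byte UTF-8 sequence placed directly
# in front of markup, and a well-formed value for comparison.
MALFORMED   = "\xE3\x81<b>x</b>".b
WELL_FORMED = "caf\u00E9 <tea> & \"cake\""

if __FILE__ == $PROGRAM_NAME
  [MALFORMED, WELL_FORMED].each do |value|
    result = prepare_for_html(value)
    puts "#{result.html}  rejected=#{result.rejected_bytes.inspect}"
  end
end
```

A non-empty `rejected_bytes` list is worth logging with the request, since well-behaved clients rarely submit malformed UTF-8.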

This update has been pushed to stable

15 years ago

Metadata
Type: security
Karma: 0
Signed
Content Type: RPM
Test Gating
Autopush Settings
Unstable by Karma: -3
Stable by Karma: disabled
Stable by Time: disabled
Dates
submitted: 15 years ago
in stable: 15 years ago
BZ#520843 CVE-2009-3009 ruby-activesupport: XSS vulnerability