Added an advisory for actionpack's CVE-2013-4491.

3fe10df4 · Postmodern · 2f4e0a09 · 3fe10df4
Commit 3fe10df4 authored Dec 03, 2013 by Postmodern
--- a/gems/actionpack/CVE-2013-4491.yml
+++ b/gems/actionpack/CVE-2013-4491.yml
+---
+gem: actionpack
+framework: rails
+cve: 2013-4491
+osvdb: 
+url: https://groups.google.com/forum/#!topic/ruby-security-ann/pLrh6DUw998
+title: Reflective XSS Vulnerability in Ruby on Rails
+date: 2013-12-03
+
+description: |
+  There is a vulnerability in the internationalization component of Ruby on
+  Rails. Under certain common configurations an attacker can provide specially
+  crafted input which will execute a reflective XSS attack.
+  
+  The root cause of this issue is a vulnerability in the i18n gem which has
+  been assigned the identifier CVE-2013-4492.
+
+cvss_v2: 
+
+patched_versions:
+  - ~> 3.2.16
+  - ">= 4.0.2"