Commit 3fe10df4 authored by Postmodern's avatar Postmodern
Browse files

Added an advisory for actionpack's CVE-2013-4491.

parent 2f4e0a09
---
gem: actionpack
framework: rails
cve: 2013-4491
osvdb:
url: https://groups.google.com/forum/#!topic/ruby-security-ann/pLrh6DUw998
title: Reflective XSS Vulnerability in Ruby on Rails
date: 2013-12-03
description: |
There is a vulnerability in the internationalization component of Ruby on
Rails. Under certain common configurations an attacker can provide specially
crafted input which will execute a reflective XSS attack.
The root cause of this issue is a vulnerability in the i18n gem which has
been assigned the identifier CVE-2013-4492.
cvss_v2:
patched_versions:
- ~> 3.2.16
- ">= 4.0.2"
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment