Debian: 2597-1: rails: input validation error
Jan09
on January 9, 2013
at 8:46 pm
Posted In: Uncategorized
(Jan 4) joernchen of Phenoelit discovered that rails, an MVC ruby based framework geared for web application development, is not properly treating user-supplied input to “find_by_*” methods. Depending on how the ruby on rails application is using these methods, this allows an attacker [More…]
Comment