CVE-2013-6415 in Ruby on Railsinformation

Résumé

par MITRE

Cross-site scripting (XSS) vulnerability in the number_to_currency helper in actionpack/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the unit parameter.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

Sources

Do you know our Splunk app?

Download it now for free!