CVE-2013-6415 in Ruby on Rails
요약
\~에 의해 MITRE
Cross-site scripting (XSS) vulnerability in the number_to_currency helper in actionpack/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the unit parameter.
Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.