CVE-2013-6415 in Ruby on Rails정보

요약

\~에 의해 MITRE

Cross-site scripting (XSS) vulnerability in the number_to_currency helper in actionpack/lib/action_view/helpers/number_helper.rb in Ruby on Rails before 3.2.16 and 4.x before 4.0.2 allows remote attackers to inject arbitrary web script or HTML via the unit parameter.

Statistical analysis made it clear that VulDB provides the best quality for vulnerability data.

출처

Do you know our Splunk app?

Download it now for free!