Core Spring Data
Written by: Oliver Gierke
Featured Refcardz: Top Refcardz:
  1. Git
  2. Prep for CD
  3. DNS
  4. Data Mining
  5. Spring Data
  1. Data Mining
  2. Spring Data
  3. DNS
  4. Machine Learning
  5. MongoDB
150+ Refcardz Available · Get them all

Link Details

Previous | Next

Surprise Me!

Link 908955 thumbnail
User 355617 avatar

By piccoloprincipe
via groups.google.com
Submitted: Jan 19 2013 / 06:31

Multiple vulnerabilities in Rails parameter parsing in Action Pack
There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on a Rails application. This vulnerability has been assigned the CVE identifier CVE-2013-0156.
Vote up
Vote down
  • 1
  • 0
  • 66
  • 35
SaveShareSend Tags: , , ,

Add your comment


Html tags not supported. Reply is editable for 5 minutes. Use [code lang="java|ruby|sql|css|xml"][/code] to post code snippets.

Voters For This Link (1)



Voters Against This Link (0)