Link Details

Link 908955 thumbnail
User 355617 avatar

By piccoloprincipe
via groups.google.com
Submitted: Jan 19 2013 / 06:31

There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on a Rails application. This vulnerability has been assigned the CVE identifier CVE-2013-0156.
  • 1
  • 0
  • 98
  • 35

Add your comment


Html tags not supported. Reply is editable for 5 minutes. Use [code lang="java|ruby|sql|css|xml"][/code] to post code snippets.

Voters For This Link (1)



Voters Against This Link (0)



    Java Performance Optimization
    Written by: Pierre-Hugues Charbonneau
    Featured Refcardz: Top Refcardz:
    1. Design Patterns
    2. OO JS
    3. Cont. Delivery
    4. Java EE7
    5. HTML5 Mobile
    1. Node.js
    2. Debugging JavaScript
    3. OO JS
    4. JSON
    5. Ajax