Rails updates close XSS hole The H According to the developers, a cross-site scripting (XSS) vulnerability in the helper method for i18n translations could be exploited by an attacker to insert arbitrary code into a page. Rails 3.0.0 and later, as well as 2.3.x in combination with the ... |
For more information, please visit
http://news.google.com/news/url?sa=t&fd=[...]es-close-XSS-hole-1381278.html