Oval Definition:oval:org.mitre.oval:def:7762
Revision Date:2014-06-23Version:17
Title:DSA-1887 rails -- missing input sanitising
Description:Brian Mastenbrook discovered that rails, the MVC ruby based framework geared for web application development, is prone to cross-site scripting attacks via malformed strings in the form helper.
Family:unixClass:patch
Status:ACCEPTEDReference(s):CVE-2009-3009
DSA-1887
Platform(s):Debian GNU/Linux 5.0
Product(s):rails
Definition Synopsis
  • Debian GNU/Linux 5.0 is installed
  • AND Installed architecture is all
  • AND rails is earlier than 2.1.0-7
    • BACK