Help Center

Version 2.0

• Email Support: Submit a Ticket

• Website Protection
• Latest Vulnerabilities

Related Articles

• Multiple Vulnerabilities in Translation Management 6.x-1.21
• Multiple Vulnerabilities in JS Calendar 1.5.1 and 1.5.4 for Joomla!
• Cross-Site Scripting Vulnerability in WPtouch Plug-in 1.9.19.4 and 1.9.20
• Multiple Vulnerabilities in Joomla! 1.6 and 1.6.1
• Cross-Site Scripting Vulnerability in Mojolicious 1.12
• Multiple Vulnerabilities in MediaWiki Versions Prior to 1.16.4
• Directory Traversal Vulnerability in WP Custom Pages 0.5.0.1

Cross-Site Scripting Vulnerabilities in Ruby on Rails 2.x, 3.0.x, and 3.1.x

Ruby on Rails® is a an open-source Web application framework.

Affected Application: Ruby on Rails versions 2.x, 3.0.x and 3.1.x.

Issue: On 06/30/2011, a cross-site scripting vulnerability was reported for Ruby on Rails. The vulnerability lets attackers hijack user sessions, deface websites, or redirect visitors to malicious sites.

Resolution: Update to the most recent version of Ruby on Rails. For more information, see http://rubyonrails.org/

We compiled this information using the National Vulnerability Database. For more information about this issue, see the summary for CVE-2011-2197. To learn more about cross-site scripting vulnerabilities, see Cross-Site Scripting.

Website Protection Site Scanner scans for this vulnerability, and many more. To learn about Site Scanner, see Getting Started with Website Protection Site Scanner.

• Not helpful
• Somewhat helpful
• Helpful
• Very Helpful
• Solved my problem