Rails Security Updates Patch XSS Vulnerability
The flaw could allow an attacker to insert arbitrary code into a page.
Ruby on Rails has been updated to patch a security flaw.
"According to the developers, a cross-site scripting (XSS) vulnerability in the helper method for i18n translations could be exploited by an attacker to insert arbitrary code into a page," The H Security reports.
"Rails 3.0.0 and later, as well as 2.3.x in combination with the rails_xss plug-in, are affected," the article states.
Go to "Rails updates close XSS hole" to read the details.
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.