Establishing Digital Trust: Don't Sacrifice Security for Convenience
Ruby on Rails has been updated to patch a security flaw.
"According to the developers, a cross-site scripting (XSS) vulnerability in the helper method for i18n translations could be exploited by an attacker to insert arbitrary code into a page," The H Security reports.
"Rails 3.0.0 and later, as well as 2.3.x in combination with the rails_xss plug-in, are affected," the article states.
Go to "Rails updates close XSS hole" to read the details.https://o1.qnsr.com/log/p.gif?;n=203;c=204650394;s=9477;x=7936;f=201801171506010;u=j;z=TIMESTAMP;a=20392931;e=i
For regular security news updates, follow eSecurityPlanet on Twitter: @eSecurityP.