CVE-2011-1497

CVE-2011-1497

EPSS 1.2%CWE-79

A cross-site scripting vulnerability flaw was found in the auto_link function in Rails before version 3.0.6.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/rails/rails/blob/38df020c95beca7e12f0188cb7e18f3c37789e20/actionpack/CHANGELOG https://www.openwall.com/lists/oss-security/2011/04/06/13