Description
The is a code injection vulnerability in versions of Rails prior to 5.0.1 that wouldallow an attacker who controlled the `locals` argument of a `render` call to perform a RCE.
Remediation
References
Related Vulnerabilities
WordPress Plugin Data Tables Generator by Supsystic Cross-Site Scripting (1.10.19)
WordPress Plugin EWWW Image Optimizer Cloud Cross-Site Scripting (2.0.1)
MediaWiki Other Vulnerability (CVE-2005-1888)
MySQL CVE-2018-2782 Vulnerability (CVE-2018-2782)
WordPress Plugin Transposh WordPress Translation Cross-Site Scripting (0.8.3)