Description
Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before 2.2.3, and 2.3.x before 2.3.4, allows remote attackers to inject arbitrary web script or HTML by placing malformed Unicode strings into a form helper.
Remediation
References
Related Vulnerabilities
WordPress Plugin Advanced Ads-Ad Manager & AdSense Unspecified Vulnerability (1.7.1.1)
Oracle Database Server CVE-2008-2607 Vulnerability (CVE-2008-2607)
WordPress Plugin Content Copy Protection & Prevent Image Save Cross-Site Request Forgery (1.3)
Moodle Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-3390)
WordPress Plugin Comment Extra Fields Multiple Cross-Site Scripting Vulnerabilities (1.7)