Description
Cross-site scripting (XSS) vulnerability in Ruby on Rails 3.0.x before 3.0.12, 3.1.x before 3.1.4, and 3.2.x before 3.2.2 allows remote attackers to inject arbitrary web script or HTML via vectors involving a SafeBuffer object that is manipulated through certain methods.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Booking Cross-Site Scripting (1.4)
Oracle Application Server Other Vulnerability (CVE-2007-3863)
WordPress Plugin Click to Call or Chat Buttons Cross-Site Scripting (1.4.0)
Perl Numeric Errors Vulnerability (CVE-2013-7422)
Joomla Improper Input Validation Vulnerability (CVE-2008-4103)