Description
The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2012-0503 Vulnerability (CVE-2012-0503)
MySQL CVE-2016-5441 Vulnerability (CVE-2016-5441)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-3176)
WordPress Plugin Simple Login Log Multiple Vulnerabilities (0.9.3)
WordPress Plugin teachPress Unspecified Vulnerability (5.0.17)