Description
The encrypt/decrypt functions in Ruby on Rails 2.3 are vulnerable to padding oracle attacks.
Remediation
References
Related Vulnerabilities
Plone CMS Other Vulnerability (CVE-2006-1711)
WordPress Plugin GiveWP-Donation and Fundraising Platform SQL Injection (2.24.0)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-0217)
WordPress Plugin IGIT Posts Slider Widget TimThumb Arbitrary File Upload (1.1)