Download
| Alert*
DSA-1887 rails -- missing input sanitising
Brian Mastenbrook discovered that rails, the MVC ruby based framework geared for web application development, is prone to cross-site scripting attacks via malformed strings in the form helper.
|