A security vulnerability has been found in Kaminari, a pagination engine plugin for Rails 3+ and other modern frameworks, that would allow an attacker to inject arbitrary code into pages with pagination links.