The host is installed with Ruby on Rails 2.3.x before 2.3.13 and is prone to CRLF injection vulnerability. A flaw is present in the application which fails to sufficiently validate the values provided. Successful exploitation allows remote attackers to inject arbitrary HTTP headers into a response.