Several cross-site-scripting and denial of service vulnerabilities were discovered in Ruby on Rails, a Ruby framework for web application development.