Cross-site scripting (XSS) vulnerability in Ruby on Rails 2.x before 2.2.3, and 2.3.x before 2.3.4, allows remote attackers to inject arbitrary web script or HTML by placing malformed Unicode strings into a form helper.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2009-09-08T18:00:00
Updated: 2017-08-16T14:57:01
Reserved: 2009-08-29T00:00:00
Link: CVE-2009-3009
JSON object: View
NVD Information
Status : Modified
Published: 2009-09-08T18:30:00.327
Modified: 2019-08-08T14:43:53.293
Link: CVE-2009-3009
JSON object: View
Redhat Information
No data.
CWE