Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2007-06-14T23:00:00
Updated: 2024-08-07T14:05:29.598Z
Reserved: 2007-06-14T00:00:00
Link: CVE-2007-3227
Vulnrichment
No data.
NVD
Status : Modified
Published: 2007-06-14T23:30:00.000
Modified: 2024-11-21T00:32:42.670
Link: CVE-2007-3227
Redhat
No data.