Peter Galiovsky
2012-Aug-10 09:39 UTC
Missing earlier versions work around for "XSS Vulnerability in strip_tags"
The rubyonrails-security announcement for CVE-2012-3465 "XSS Vulnerability in strip_tags" mentions that a work around for earlier versions should be attached, but there''s none, only patches for 3.0 series and up. Is the work around available? If so, where can I get hold of it? Thanks in advance, Peter -- Posted via http://www.ruby-forum.com/. -- You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group. To post to this group, send email to rubyonrails-talk-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org To unsubscribe from this group, send email to rubyonrails-talk+unsubscribe-/JYPxA39Uh5TLH3MbocFF+G/Ez6ZCGd0@public.gmane.org For more options, visit https://groups.google.com/groups/opt_out.
Apparently Analagous Threads
- [Security] Loofah has an HTML injection / XSS vulnerability, please upgrade to 0.4.6
- Using action view helpers (strip_tags) in a rake task?
- Apache mod_perl cross site scripting vulnerability
- Apache mod_perl cross site scripting vulnerability
- Apache mod_perl cross site scripting vulnerability