All Ruby On Rails Versions Suffer SQL Injection Flaw - Ultimate Web Site Drop Down Menu Forum

		Ultimate Web Site Drop Down Menu Forum > News and Information > General Web Trends and News
All Ruby On Rails Versions Suffer SQL Injection Flaw

View First Unread

Thread Tools

Display Modes

01-03-2013, 05:33 PM

sl4shd0t

Posts: n/a

All Ruby On Rails Versions Suffer SQL Injection Flaw

Trailrunner7 writes with the news as posted at Threatpost (based on this advisory) that "All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an attacker to inject code into Web applications. The vulnerability is a serious one given the widespread use of the popular framework for developing Web apps, and the maintainers of Ruby on Rails have released new versions that fixes the flaw, versions 3.2.10, 3.1.9 and 3.0.18. The advisory recommends that users running affected versions, which is essentially anyone using Ruby on Rails, upgrade immediately to one of the fixed versions, 3.2.10, 3.1.9 or 3.0.18. The vulnerability lies specifically in the Ruby on Rails framework, and it's presence doesn't mean that all of the apps developed on vulnerable versions are susceptible to the bug."

Read more of this story at Slashdot.

More...

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts vB code is On Smilies are On [IMG] code is On HTML code is Off

All times are GMT. The time now is 02:57 AM.

Home

About

Demos

Download

Purchase

Support

Contact

Forum

Blog