Ruby on Rails security issues


#1

There have been several security issues recently disclosed in the Ruby on Rails framework.

The most recent is as bad as they get - allowing the execution of arbitrary code from a remote attacker with just a simple HTTP POST.

There is a good amount of documentation online about how to exploit the bug too, which will mean exploits will be appearing almost immediately.

If you’re running any kind of Ruby on Rails application you should be looking to patch them as a matter of some urgency.