Description
CRLF injection vulnerability in Ruby on Rails before 2.0.5 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via a crafted URL to the redirect_to function.
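The class of flaw described above, shown as an added Ruby example that is not Rails source code: a redirect helper that copies the URL into the Location header unchanged, beside a version that rejects control characters. All method names, the parameter value and the X-Injected header are constructed for illustration.

```ruby
require "uri"

CRLF = "\r\n"

# Vulnerable pattern: the caller-supplied URL is copied into the Location
# header as-is, so a CR/LF pair inside it ends the header line early.
def naive_redirect_response(url)
  "HTTP/1.1 302 Found#{CRLF}Location: #{url}#{CRLF}Content-Length: 0#{CRLF}#{CRLF}"
end

# Hardened pattern: refuse any URL containing CR, LF or another ASCII control
# character. The check runs on the decoded value, because that is the value
# that ends up in the header.
def safe_redirect_response(url)
  if url.match?(/[\x00-\x1f\x7f]/)
    raise ArgumentError, "control character in redirect URL"
  end
  naive_redirect_response(url)
end

# Reads the header block the way an HTTP client does: one header per CRLF line.
def header_names(raw_response)
  head = raw_response.split(CRLF + CRLF, 2).first
  head.split(CRLF).drop(1).map { |line| line.split(":", 2).first }
end

# Constructed sample inputs. The second one is a percent-encoded query
# parameter value as it would look after the framework decodes it.
BENIGN  = "/account/home"
CRAFTED = URI.decode_www_form_component("%2Faccount%2Fhome%0D%0AX-Injected%3A%201")

if __FILE__ == $PROGRAM_NAME
  puts "naive, benign : #{header_names(naive_redirect_response(BENIGN)).inspect}"
  puts "naive, crafted: #{header_names(naive_redirect_response(CRAFTED)).inspect}"
  begin
    safe_redirect_response(CRAFTED)
  rescue ArgumentError => e
    puts "safe, crafted : rejected (#{e.message})"
  end
end
```

The extra header name in the naive output is the signal to look for when testing a redirect endpoint; the hardened helper never emits it.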
Remediation
References