Description
The (1) jdom.rb and (2) rexml.rb components in Active Support in Ruby on Rails before 4.1.11 and 4.2.x before 4.2.2, when JDOM or REXML is enabled, allow remote attackers to cause a denial of service (SystemStackError) via a large XML document depth.
Remediation
References
Related Vulnerabilities
WordPress Plugin Popular Posts by BestWebSoft Cross-Site Scripting (1.0.4)
WordPress Plugin RentPress Cross-Site Scripting (6.6.4)
WordPress Plugin Minimal Coming Soon & Maintenance Mode-Coming Soon Page Security Bypass (1.87)
WordPress 4.9.x Multiple Vulnerabilities (4.9 - 4.9.8)
WordPress Plugin Audio Player Cross-Site Scripting (2.0.4.5)