Description
Cross-site scripting (XSS) vulnerability in the to_json (ActiveRecord::Base#to_json) function in Ruby on Rails before edge 9606 allows remote attackers to inject arbitrary web script via the input values.
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2013-0429 Vulnerability (CVE-2013-0429)
XWiki Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2022-41932)
WebLogic Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2022-23437)
WordPress Plugin SiteGuard WP Information Disclosure (1.7.6)
Oracle Database Server CVE-2014-6541 Vulnerability (CVE-2014-6541)