Description
actionpack/lib/action_dispatch/routing/route_set.rb in Action Pack in Ruby on Rails 4.x before 4.2.5.1 and 5.x before 5.0.0.beta1.1 allows remote attackers to cause a denial of service (superfluous caching and memory consumption) by leveraging an application's use of a wildcard controller route.
Remediation
References
Related Vulnerabilities
WordPress Plugin WebARX Cross-Site Scripting (1.3.0)
WordPress Plugin WordPress Sentinel Multiple Vulnerabilities (1.0.0)
datatables Cross-site Scripting (XSS) Vulnerability (CVE-2015-6584)
MySQL CVE-2019-2974 Vulnerability (CVE-2019-2974)
WordPress Plugin Advanced Custom Fields (ACF) Cross-Site Scripting (4.4.3)