Last Updated: February 25, 2016
·
483
· hvictorsolis

Heads Up: Rails ActionPack Parameter Parsing Vulnerabilities

#rails
#security

"There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on a Rails application."

You can download the patches here.

#rails
#security

Written by Victor Solis

Say Thanks
Respond

Related protips

Encrypted HTTP “Basic” Auth in #Rails (Digest Auth + Salt)

1.769K
0

Simple but mostly forgotten by many people, securing secret_token.rb

1.397K
0

RoR input sanitization

1.309K
0

Have a fresh tip? Share with Coderwall community!

Post
Post a tip
Best #Rails Authors
sebastialonso
225.2K
#rails
#CSS
#JavaScript
sergiotapia
142.8K
#rails
#Ruby
#Elixir
jamesdullaghan
91.03K
#rails
#JavaScript
#Ruby
edokun_
88.01K
#rails
#Ruby
#Python
rorykoehler
80.91K
#rails
#Postgres
#Coffeescript
Related Tags
#rails
#security
Sponsored by
#native_company#
#native_desc#
#native_cta#
Filed Under
Ruby on Rails Development Tips
Awesome Job
See All Jobs
Post a job for only $299
Thanks to our sponsor
Sponsored by #native_company# — Learn More
#native_title# #native_desc#
#native_cta#