Last Updated: February 25, 2016
·
485
· hvictorsolis

Heads Up: Rails ActionPack Parameter Parsing Vulnerabilities

"There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitrary SQL, inject and execute arbitrary code, or perform a DoS attack on a Rails application."

You can download the patches here.