Product
A cross-site scripting (XSS) vulnerability has been discovered in Ruby on Rails versions prior to 1.7.1, enabling a remote attacker to perform an indirect remote code injection, allowing malicious scripts to be executed in the client's browser.