[CVE-2014-0130] Directory Traversal Vulnerability With Certain Route Configuration

For anyone who doesn’t subscribe to the security list (you should!)

https://groups.google.com/forum/#!msg/rubyonrails-security/NkKc7vTW70o/NxW_PDBSG3AJ

You may want to note that an earlier advisory made out that only apps
using
*action in their routes were affected, but this turned out not to be
true

Fred

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs