Workaround for CVE-2010-3933

Hi,

First look this vulnerability issue:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3933

My application models: http://pastie.org/1709174

On my departments form, when user selects a health unit, I copy all
health
unit attributes including address and street.

The parameters hash looks like this: http://pastie.org/1709217

But this was considered a vunerability issue, the CVE-2010-3933.

How I can do that on newer versions of rails? I need to set the address
for
the new department but I should be able to edit this attributes (nested
form).

Suggestions?

On Thu, Mar 24, 2011 at 1:18 PM, Gabriel Sobrinho <

This forum is not affiliated to the Ruby language, Ruby on Rails framework, nor any Ruby applications discussed here.

| Privacy Policy | Terms of Service | Remote Ruby Jobs