FreeBSD : rubygem-rails -- JSON XSS vulnerability (44fb0302-9d38-11dc-9114-001c2514716c)
Medium Nessus Plugin ID 28350
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionRails core team reports :
All users of Rails 1.2.4 or earlier are advised to upgrade to 1.2.5, though it isn't strictly necessary if you aren't working with JSON.
For more information the JSON vulnerability, see CVE-2007-3227.
SolutionUpdate the affected packages.