Cisco Blogs
Share

Vulnerability Spotlight: Ruby Rails Gem XSS Vulnerabilities

- January 10, 2018 - 0 Comments

Talos has discovered two XSS vulnerabilities in Ruby Rails Gems. Rails is a Ruby framework designed to create web services or web pages. Ruby Gems is a package manager for distributing software packages as ‘gems’. The two XSS vulnerabilities were discovered in two different gem packages: delayed_job_web and rails_admin.

Ruby is widely used as a language for web development. Gem packages allow software engineers to reuse code across multiple development projects. As such, the discovery of a vulnerability in a gem may mean that many different systems are affected by that vulnerability.

Read More >>

Tags:

In an effort to keep conversations fresh, Cisco Blogs closes comments after 60 days. Please visit the Cisco Blogs hub page for the latest content.