RubySec

Providing security resources for the Ruby community

CVE-2012-1099 (actionpack): Ruby on Rails actionpack/lib/action_view/helpers/form_options_helper.rb Manually Generated Select Tag Options XSS

ADVISORIES

GEM

actionpack

FRAMEWORK

rails

SEVERITY

CVSS v2: 4.3

PATCHED VERSIONS

  • ~> 3.0.12
  • ~> 3.1.4
  • >= 3.2.2

DESCRIPTION

Ruby on Rails contains a flaw that allows a remote cross-site scripting (XSS) attack. This flaw exists because the application does not validate manually generated ‘select tag options’ upon submission to actionpack/lib/action_view/helpers/form_options_helper.rb. This may allow a user to create a specially crafted request that would execute arbitrary script code in a user’s browser within the trust relationship between their browser and the server.