CVSS v2: 4.3 (Medium)
- ~> 3.2.16
- >= 4.0.2
There is a vulnerability in the internationalization component of Ruby on Rails. Under certain common configurations an attacker can provide specially crafted input which will execute a reflective XSS attack.
The root cause of this issue is a vulnerability in the i18n gem which has been assigned the identifier CVE-2013-4492.