ADVISORIES
- OSVDB-132800
- Vendor Advisory
GEM
PATCHED VERSIONS
- >= 0.5.0
DESCRIPTION
auto_select2 Gem for Ruby contains a flaw that is triggered when handling the ‘params[:default_class_name]’ option. This allows users to search any object of all given ActiveRecord classes.