Bug#429177: [CVE-2007-3227] XSS vulnerability in to_json

2007-06-28 Thread Adam Majer
Moritz Muehlenhoff wrote: Adam Majer wrote: Since this is a XSS problem, I don't think it needs a grave severity. But then some will argue otherwise. Also, nothing on the "Ruby on Rails security announcement list"... h (Note, I don't know Ruby on Rails). Does the affected function cla

Bug#429177: [CVE-2007-3227] XSS vulnerability in to_json

2007-06-28 Thread Moritz Muehlenhoff
Adam Majer wrote:
> Florian Weimer wrote:
> >Package: rails
> >Version: 1.2.3-2
> >Severity: grave
> >Tags: security upstream
> >
> >An XSS vulnerability in code that uses to_json has been disclosed:
> >
> >Please mention the name CVE-2007-3227 in t

Bug#429177: [CVE-2007-3227] XSS vulnerability in to_json

2007-06-20 Thread Adam Majer
Florian Weimer wrote:
Package: rails
Version: 1.2.3-2
Severity: grave
Tags: security upstream

An XSS vulnerability in code that uses to_json has been disclosed:

Please mention the name CVE-2007-3227 in the changelog when fixing this bug.

Do you think

Bug#429177: [CVE-2007-3227] XSS vulnerability in to_json

2007-06-16 Thread Florian Weimer
Package: rails
Version: 1.2.3-2
Severity: grave
Tags: security upstream

An XSS vulnerability in code that uses to_json has been disclosed:

Please mention the name CVE-2007-3227 in the changelog when fixing this bug.

Do you think that an upgrade for the