Thousands of websites based on Ruby on Rails vulnerable to Cookie Handling flaw
vendredi 29 novembre 2013 à 15:53Ruby on Rails contains a flaw in its design that may allow attackers to more easily access applications. Websites that rely on Ruby on Rails’s default cookie storage mechanism CookieStore are at risk.
The vulnerability was actually reported two months ago, but still thousands of website are running a vulnerable version of Ruby on Rails that allows a malicious attacker to gain unauthorized access