Hacker News new | comments | show | ask | jobs | submit login

This is a follow up from https://groups.google.com/forum/#!topic/rubyonrails-security... (HN discussion: https://news.ycombinator.com/item?id=7705415).

Additional attack vectors have been discovered, so you may be vulnerable even without "*action" globbing in your routes. All users are advised to upgrade to a fixed version or apply the supplied patches.

Guidelines | FAQ | Support | API | Security | Lists | Bookmarklet | DMCA | Apply to YC | Contact