CERT/CC Vulnerability Note VU#380039The Ruby on Rails Action Pack framework is susceptible to authentication bypass, SQL injection, arbitrary code execution, or denial of service. The Ruby on Rails advisory states: "Multiple vulnerabilities in parameter parsing in Action Pack There are multiple weaknesses in the parameter parsing code for Ruby on Rails which allows attackers to bypass authentication systems, inject arbitrary SQL, in
