IBM Security Bulletin: Vulnerabilities in Ruby on Rails affect IBM License Metric Tool and IBM Endpoint Manager for Software Use Analysis (CVE-2015-3226)
A vulnerability in ActiveSupport component of Ruby on Rails framework used by IBM License Metric Tool and IBM Endpoint Manager for Software Use Analysis allows for stealing authentication cookies with cross-site scripting attack . CVE(s):...
from IBM Product Security Incident Response Team http://ift.tt/1FUzkIV
from IBM Product Security Incident Response Team http://ift.tt/1FUzkIV