From secunia security advisory at $URL: Description: Certain input passed to the translate helper method is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site. Successful exploitation requires that rails_xss plugin is used. Solution: Update to version 3.0.11
Successful exploitation requires that rails_xss plugin is used. @ruby, I don't know much about ruby/rails, but I have not found the xss plugin that the advisory says. Can you check if there is a security problem?
(In reply to comment #1)
> Successful exploitation requires that rails_xss plugin is used.
>
> @ruby, I don't know much about ruby/rails, but I have not found the xss plugin
> that the advisory says. Can you check if there is a security problem?

Rails 2.3.x does not have an issue because people can choose to install the xss plugin on their own. It is not bundled in the code we ship. We should bump 3.0.x since the XSS code is included natively in that version.
Rails 3.0.11 is now in the tree. Since no stable versions were affected I guess we don't need a GLSA?
(In reply to comment #3)
> Since no stable versions were affected I guess we don't need a GLSA?

Yes, since only 3.x is affected.
CVE-2011-4319 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2011-4319): Cross-site scripting (XSS) vulnerability in the i18n translations helper method in Ruby on Rails 3.0.x before 3.0.11 and 3.1.x before 3.1.2, and the rails_xss plugin in Ruby on Rails 2.3.x, allows remote attackers to inject arbitrary web script or HTML via vectors related to a translations string whose name ends with an "html" substring.
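Added illustration of the flaw the CVE text describes (not code from this bug or from Rails): a stand-in translate helper that trusts any key ending in "html" and so marks interpolated user input as safe without escaping it, next to a hardened variant that escapes the interpolation values first, which mirrors the general approach of the upstream fix. The translation table, `SafeString` and both helper names are constructed for the example.

```ruby
require 'cgi'

# Constructed translation table standing in for a Rails i18n backend.
TRANSLATIONS = {
  'greeting'      => 'Hello %{name}',
  'greeting_html' => 'Hello <b>%{name}</b>'
}.freeze

# Minimal stand-in for Rails' SafeBuffer: a string flagged as already-escaped HTML.
class SafeString < String
  def html_safe?
    true
  end
end

# Escape a value unless it is already flagged as safe HTML.
def html_escape(value)
  return value if value.respond_to?(:html_safe?) && value.html_safe?
  CGI.escapeHTML(value.to_s)
end

# Behaviour the advisory describes: a key ending in "html" is trusted wholesale,
# so user-controlled interpolation values end up marked safe without escaping.
def translate_vulnerable(key, **values)
  str = TRANSLATIONS.fetch(key) % values
  key.end_with?('html') ? SafeString.new(str) : str
end

# Hardened variant: the template itself stays trusted, but every interpolated
# value is escaped before substitution, so the safe flag is justified.
def translate_fixed(key, **values)
  if key.end_with?('html')
    escaped = values.transform_values { |v| html_escape(v) }
    SafeString.new(TRANSLATIONS.fetch(key) % escaped)
  else
    TRANSLATIONS.fetch(key) % values
  end
end
```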