path: root/actionview/lib/action_view/helpers/text_helper.rb
author: Michael Koziarski <michael@koziarski.com> 2013-12-02 10:12:47 +1300
committer: Aaron Patterson <aaron.patterson@gmail.com> 2013-12-02 16:41:14 -0800
commit: b31a7a6f1ec3c74f75b4cd12386b08295287418d
tree: b76118ab77470679d0e4d4df43f7a3957c001b6b /actionview/lib/action_view/helpers/text_helper.rb
parent: 2e3c3a87d81e16a2fed442c1cf31360f75737a83
Escape the unit value provided to number_to_currency
Previously the unit values were trusted leading to potential XSS vulnerabilities. Fixes: CVE-2013-6415
Diffstat (limited to 'actionview/lib/action_view/helpers/text_helper.rb')
0 files changed, 0 insertions, 0 deletions