aboutsummaryrefslogtreecommitdiffstats
path: root/actionpack/CHANGELOG.md
diff options
context:
space:
mode:
Diffstat (limited to 'actionpack/CHANGELOG.md')
-rw-r--r--actionpack/CHANGELOG.md6
1 files changed, 6 insertions, 0 deletions
diff --git a/actionpack/CHANGELOG.md b/actionpack/CHANGELOG.md
index 75d9b557f2..d696656521 100644
--- a/actionpack/CHANGELOG.md
+++ b/actionpack/CHANGELOG.md
@@ -1,3 +1,9 @@
+* Converts hashes in arrays of unfiltered params to unpermitted params.
+
+ Fixes #13382
+
+ *Xavier Noria*
+
* New config option to opt out of params "deep munging" that was used to
address security vulnerability CVE-2013-0155. In your app config:
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-02 11:42:06 +0000