Red Hat Enterprise Linux 7 update for ruby

CERT-LatestNews ThreatsCybercrime ThreatsEconomic VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesLinux VulnerabilitiesOS
Exploit availability: No Description. CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') The disclosed vulnerability allows a remote attacker to perform cross-site scripting (XSS) attacks. The vulnerability exists due to insufficient sanitization of user-supplied data in Gem::UserInteraction#verbose.