Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs

This just got (more) real: Researchers today unleashed exploit code for a pair of newly found vulnerabilities in the popular Web application programming platform Ruby on Rails (RoR), as well as a new Metasploit module for the most serious of the two flaws, raising concerns of potentially damaging attacks to come on Web servers and databases.

via Attack Code, Metasploit Module Released For Serious Ruby On Rails Bugs – Dark Reading.

Security experts recommend patching RoR apps now if you have not already done so. Said O’Donnell in a blog post yesterday: