All versions of Ruby on Rails vulnerable to SQL injection All of the current versions of the Ruby on Rails Web framework have a SQL injection vulnerability that could allow an attacker to inject code into Web applications. The vulnerability is a serious one given the widespread use of the popular framework for developing Web apps, and the maintainers of Ruby on Rails have released new versions that fixes the flaw, versions 3.2.10, 3.1.9 and 3.0.18. If a mod thinks this post would be better placed in another forum, please feel free to move it. "Security" seemed to be a good fit, though this again underscores the need for cPanel to bring their RoR support into this century. Please! It's like the horror of TomCat versions all over again.