SQL substitution vulnerability fixed in Ruby on Rails

Maintenance releases 7.0.4.1, 6.1.7.1 and 6.0.6.1 of the Ruby on Rails framework have been published, fixing 6 vulnerabilities. The most serious (CVE-2023-22794) can lead to execution of attacker-supplied SQL when untrusted external data is placed into SQL query comments handled by ActiveRecord. The root cause is that special characters in such comments were not escaped before the query was passed to the DBMS, so the comment could be terminated early and followed by further SQL.
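To illustrate the bug class described above, here is a small added example (my own code, not Rails' implementation): a hypothetical `annotate_unsafe` helper that interpolates untrusted text into a `/* ... */` query comment, a `sanitize_sql_comment` routine that strips comment delimiters the way a fix of this kind must, and a `comment_intact?` check a reviewer or test suite could use to confirm a comment can no longer end early.

```ruby
# Added illustration of CVE-2023-22794's bug class; none of these helpers
# are Rails API, they only mimic the shape of a query-annotation feature.

# Vulnerable shape: untrusted text lands inside a SQL block comment with no
# escaping, so a "*/" in the text closes the comment and whatever follows
# is parsed as SQL by the DBMS.
def annotate_unsafe(sql, comment)
  "#{sql} /* #{comment} */"
end

# Remove every "/*" and "*/" sequence so the text can neither open nor
# close a comment. The loop is needed because deleting one delimiter can
# create another (e.g. "**//" becomes "*/" after the first pass).
def sanitize_sql_comment(text)
  out = text.to_s.dup
  out.gsub!(%r{/\*|\*/}, "") while out.match?(%r{/\*|\*/})
  out
end

# Hardened shape: same annotation, but the comment body is sanitised first.
def annotate_safe(sql, comment)
  "#{sql} /* #{sanitize_sql_comment(comment)} */"
end

# Defensive check: exactly one comment opener, exactly one closer, and the
# closer is the last thing in the statement. Anything else means untrusted
# text escaped the comment.
def comment_intact?(annotated)
  annotated.scan("/*").length == 1 &&
    annotated.scan("*/").length == 1 &&
    annotated.end_with?("*/")
end

# Constructed sample inputs for a quick self-check.
if __FILE__ == $0
  hostile = "report */ SELECT 1 /*"
  puts annotate_unsafe("SELECT * FROM users", hostile)   # comment closes early
  puts annotate_safe("SELECT * FROM users", hostile)     # delimiters removed
end
```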

The second vulnerability (CVE-2023-22797) allows an open redirect when unvalidated external data is passed to the redirect_to handler. The remaining 4 vulnerabilities lead to denial of service by placing excessive load on the system, mainly because external data was fed into inefficient, long-running regular expressions (ReDoS).

Source: opennet.ru