Ruby · Ruby On Rails · CVE-2011-0448
**Name of the Vulnerable Software and Affected Versions**
Ruby on Rails versions 3.0.x through 3.0.3
**Description**
The issue allows remote attackers to conduct SQL injection attacks via a non-numeric argument to the limit function, as it does not ensure that arguments specify integer values.
**Recommendations**
For Ruby on Rails versions 3.0.x through 3.0.3, update to version 3.0.4 or later to resolve the issue.