Rails · Rails · CVE-2011-1497
**Name of the Vulnerable Software and Affected Versions**
Rails versions prior to 3.0.6
**Description**
A cross-site scripting issue was found in the `auto link` function. This affects the ability to properly handle user input, potentially leading to malicious script execution.
**Recommendations**
For versions prior to 3.0.6, update to version 3.0.6 or later to resolve the issue. As a temporary workaround, consider disabling the `auto link` function until a patch is available.