Gemfile
code Severe
Mass Assignment
Discovered over 5 years ago
Source: static code analysis
Category: Mass Assignment
Confidence level: Medium

Problem

create_with is vulnerable to strong params bypass. Upgrade to Rails 4.1.5 or patch

Location

Gemfile


Category description: Unprotected model attributes give the attacker a way to rewrite them. E.g., change the admin flag to true.

Solution: fix the issue in Gemfile or mark it as false positive.