An XSS vulnerability in the strip_tags helper in Ruby on Rails was reported
This is corrected in upstream 3.0.10, 2.3.13, and 3.1.0rc5 versions. Patches are available in the advisory  and in git .
This flaw is rubygem-actionpack, not rubygem-rails.
Created rubygem-actionpack tracking bugs for this issue
Affects: fedora-all [bug 731448]
Affects: epel-5 [bug 677629]
This issue has been assigned the name CVE-2011-2931:
This issue has been addressed in Fedora-14, Fedora-15 and upcoming Fedora-16 via the following advisories: