Public Ruby on Rails bug reports.

| Team | Bounty | Title |
|---|---|---|
| Ruby on Rails | - | Remote code execution using render :inline |
| Ruby on Rails | - | Regarding [CVE-2016-0752] Possible Information Leak Vulnerability in Action View |
| Ruby on Rails | - | Validation bypass for Active Record and Active Model |
| Ruby on Rails | - | http_basic_authenticate_with is susceptible to timing attacks. |
| Ruby on Rails | - | Nested attributes reject_if proc can be circumvented by providing "_destroy" parameter |
| Ruby on Rails | - | DoS Attack in Controller Lookup Code |
| Ruby on Rails | - | [Rails42] We can inject HTML tags when server is using strip_tags method |
| Ruby on Rails | $2,000 | Potential XSS on sanitize/Rails::Html::WhiteListSanitizer |
| Ruby on Rails | - | Changeable model ids on vanilla update can lead to severely bad side-effects |
| Ruby on Rails | $1,000 | rails-ujs will send CSRF tokens to other origins |
| Ruby on Rails | - | JSON keys are not properly escaped |
| Ruby on Rails | - | Explicit, dynamic render path: Dir. Trav + RCE |
| Ruby on Rails | $500 | RCE due to Web Console IP Whitelist bypass in Rails 4.0 and 4.1 |
| Ruby on Rails | $1,000 | Arbitrary file existence disclosure in Action Pack |
| Ruby on Rails | - | Denial of Service in Action Pack Exception Handling |
| Ruby on Rails | - | Data-Tags and the New HTML Sanitizer Subverts CSRF protection |
| Ruby on Rails | $1,500 | Active Record SQL Injection Vulnerability Affecting PostgreSQL |
| Ruby on Rails | $1,500 | Active Record SQL Injection Vulnerability Affecting PostgreSQL |
| Ruby on Rails | $1,500 | Directory traversal attack in view resolver |