matestack-ui-core (RubyGem) before 0.7.4 is vulnerable to XSS/Script injection.
This vulnerability is patched in version 0.7.4.
matestack-ui-core