If you find a security vulnerability in the code please don't post it anywhere publicly. This would get every single installation into more danger. Instead report it to us directly so we can create a security patch. After a few days, when users of the Gem have updated their installation we disclose the issue publicly.
Send us an email to [email protected].