A web developer's worst nightmare, your site has been compromised. It's been hacked, taken down, defaced, data stolen, users alienated and furious, and it's all your fault. You didn't secure the site. But don't worry, Rails has your back. One of the most common vulnerability classes is the Cross-Site Scripting (XSS) vulnerability, but Ruby on Rails has largely mitigated these attacks. You should still know about them though.