# File lib/brakeman/checks/check_single_quotes.rb, line 16
  def run_check
    return if uses_rack_escape?

    if version_between? '2.0.0', '2.3.14'
      message = msg("All Rails 2.x versions do not escape single quotes ", msg_cve("CVE-2012-3464"))
    else
      message = msg(msg_version(rails_version), " does not escape single quotes ", msg_cve("CVE-2012-3464"), ". Upgrade to ")

      case
      when version_between?('3.0.0', '3.0.16')
        message << msg_version('3.0.17')
      when version_between?('3.1.0', '3.1.7')
        message << msg_version('3.1.8')
      when version_between?('3.2.0', '3.2.7')
        message << msg_version('3.2.8')
      else
        return
      end
    end

    warn :warning_type => "Cross-Site Scripting",
      :warning_code => :CVE_2012_3464,
      :message => message,
      :confidence => :medium,
      :gem_info => gemfile_or_environment,
      :link_path => "https://groups.google.com/d/topic/rubyonrails-security/kKGNeMrnmiY/discussion"
  end