Lucene search

K
cvelistMitreCVELIST:CVE-2011-0449
HistoryFeb 21, 2011 - 5:00 p.m.

CVE-2011-0449

2011-02-2117:00:00
mitre
www.cve.org
1

AI Score

6.3

Confidence

Low

EPSS

0.011

Percentile

84.8%

actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not properly implement filters associated with the list of available templates, which allows remote attackers to bypass intended access restrictions via an action name that uses an unintended case for alphabetic characters.

AI Score

6.3

Confidence

Low

EPSS

0.011

Percentile

84.8%