Lucene search

K
nessusThis script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.WEB_APPLICATION_SCANNING_112720
HistoryMar 12, 2021 - 12:00 a.m.

Rails < 4.2.11.3 / 5.x < 5.0.1 Remote Code Execution

2021-03-1200:00:00
This script is Copyright (C) 2021-2024 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
11

There is a code injection vulnerability in versions of Rails prior to 4.2.11.3 and 5.x prior to 5.0.1 that would allow an attacker who controlled the β€œlocals” argument of a β€œrender” call to perform a Remote Code Execution.

No source data
VendorProductVersion
arubyonrailsrails