Lucene search

K
prionPRIOn knowledge basePRION:CVE-2011-0449
HistoryFeb 21, 2011 - 6:00 p.m.

Design/Logic Flaw

2011-02-2118:00:00
PRIOn knowledge base
www.prio-n.com
8

AI Score

7

Confidence

Low

EPSS

0.011

Percentile

84.8%

actionpack/lib/action_view/template/resolver.rb in Ruby on Rails 3.0.x before 3.0.4, when a case-insensitive filesystem is used, does not properly implement filters associated with the list of available templates, which allows remote attackers to bypass intended access restrictions via an action name that uses an unintended case for alphabetic characters.

AI Score

7

Confidence

Low

EPSS

0.011

Percentile

84.8%