7 matches found
CVE-2015-20108
xmlsecurity.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used...
CVE-2015-20108
creationtimestamp| type| source ---|---|--- 2023-05-27 22:37:44+00:00| seen| https://t.me/cibsecurity/64742...
CVE-2015-20108
xmlsecurity.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used...
CVE-2015-20108
xmlsecurity.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used...
CVE-2015-20108
xmlsecurity.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used...
CVE-2015-20108
xmlsecurity.rb in the ruby-saml gem before 1.0.0 for Ruby allows XPath injection and code execution because prepared statements are not used...
CVE-2015-20108
The CVE-2015-20108 issue affects the ruby-saml gem prior to 1.0.0, where xml_security.rb enables XPath injection and code execution because prepared statements are not used. Affected component: ruby-saml XML security handling. Root cause: lack of prepared statements in XPath processing leads to i...