6 matches found
Linux Distros Unpatched Vulnerability : CVE-2021-44528
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A open redirect vulnerability exists in Action Pack = 6.0.0 that could allow an attacker to craft a X-Forwarded-Host headers in combination with certain allowed...
[SECURITY] [DSA 5372-1] rails security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5372-1 [email protected] https://www.debian.org/security/ Aron Xu March 13, 2023 https://www.debian.org/security/faq - -------------------------------------------------------------------------...
CVE-2021-44528
creationtimestamp| type| source ---|---|--- 2022-01-10 16:21:05+00:00| seen| https://t.me/cibsecurity/35167 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-44528.yaml 2024-02-08 12:26:40+00:00| seen|...
CVE-2021-44528
A open redirect vulnerability exists in Action Pack = 6.0.0 that could allow an attacker to craft a "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website...
CVE-2021-44528
CVE-2021-44528 describes an open redirect in Rails Action Pack (≥6.0.0) via crafted X-Forwarded-Host headers combined with certain allowed-host formats, triggering redirects by the Host Authorization middleware. The NVD entry lists CVSS v2 base score 5.8 and CVSS v3.1 base score 6.1 (both MEDIUM)...
CVE-2021-44528
A open redirect vulnerability exists in Action Pack = 6.0.0 that could allow an attacker to craft a "X-Forwarded-Host" headers in combination with certain "allowed host" formats can cause the Host Authorization middleware in Action Pack to redirect users to a malicious website...