5 matches found
CVE-2023-34102
creationtimestamp| type| source ---|---|--- 2025-01-08 16:20:00+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/725...
CVE-2023-34102
Avo is an open source ruby on rails admin panel creation framework. The polymorphic field type stores the classes to operate on when updating a record with user input, and does not validate them in the back end. This can lead to unexpected behavior, remote code execution, or application crashes...
CVE-2023-34102 Possible unsafe reflection / partial denial of service in avo
Avo is an open source ruby on rails admin panel creation framework. The polymorphic field type stores the classes to operate on when updating a record with user input, and does not validate them in the back end. This can lead to unexpected behavior, remote code execution, or application crashes...
CVE-2023-34102
CVE-2023-34102 affects the Avo Rails admin panel framework. The polymorphic field type accepts user-provided class names without backend validation, which can lead to unexpected behavior, remote code execution, or application crashes when viewing manipulated records. The issue is mitigated by the...
CVE-2023-34102 Possible unsafe reflection / partial denial of service in avo
Avo is an open source ruby on rails admin panel creation framework. The polymorphic field type stores the classes to operate on when updating a record with user input, and does not validate them in the back end. This can lead to unexpected behavior, remote code execution, or application crashes...