CVE-2023-50448
Summary: CVE-2023-50448 affects ActiveAdmin (Ruby on Rails) before 2.12.0, where a concurrency issue in the CSV export path can let a user access data belonging to another user. The root cause is a shared, unsynchronized variable that holds the collection to be exported, allowing timing-based lea...