Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2025/02/05 1:1 a.m.11 views

CVE-2024-28121

stimulusreflex is a system to extend the capabilities of both Rails and Stimulus by intercepting user interactions and passing them to Rails over real-time websockets. In affected versions more methods than expected can be called on reflex instances. Being able to call some of them has security...

8.8CVSS6.7AI score0.01555EPSS
Exploits3References1
Packet Storm
Packet Storm
added 2024/03/14 12:0 a.m.383 views

StimulusReflex 3.5.0 Arbitrary Code Execution

StimulusReflex CVE-2024-28121 Arbitrary code execution in StimulusReflex. This affects version 3.5.0 up to and including 3.5.0.rc2 and v3.5.0.pre10. Vulnerable code excerpt stimulusreflex/lib/stimulusreflex/reflex.rb Invoke the reflex action specified by name and run all callbacks def processname...

8.8CVSS7.4AI score0.01555EPSS
Exploits3
0day.today
0day.today
added 2024/03/14 12:0 a.m.312 views

StimulusReflex 3.5.0 Arbitrary Code Execution Exploit

StimulusReflex versions 3.5.0 up to and including 3.5.0.rc2 and 3.5.0.pre10 suffer from an arbitrary code execution vulnerability. StimulusReflex CVE-2024-28121 Arbitrary code execution in StimulusReflex. This affects version 3.5.0 up to and including 3.5.0.rc2 and v3.5.0.pre10. Vulnerable code...

8.8CVSS9AI score0.01555EPSS
Exploits3
Circl
Circl
added 2024/03/12 9:22 p.m.11 views

CVE-2024-28121

creationtimestamp| type| source ---|---|--- 2024-03-12 21:22:12+00:00| seen| https://t.me/ctinow/206165 2024-03-12 21:26:43+00:00| seen| https://t.me/ctinow/206177 2024-03-13 21:07:20+00:00| seen| https://t.me/ctinow/207158...

8.8CVSS8.1AI score0.01555EPSS
Exploits3References3
Vulnrichment
Vulnrichment
added 2024/03/12 7:44 p.m.15 views

CVE-2024-28121 Reflex arbitrary method call in stimulus_reflex

stimulusreflex is a system to extend the capabilities of both Rails and Stimulus by intercepting user interactions and passing them to Rails over real-time websockets. In affected versions more methods than expected can be called on reflex instances. Being able to call some of them has security...

8.8CVSS8.6AI score0.01555EPSS
Exploits3References6
Rows per page
Query Builder