3 matches found
Exposed Dangerous Method Or Function
turboboost-commands is vulnerable to Exposed Dangerous Method or Functions. The vulnerability is due to the existing checks that aren't robust enough to prevent sophisticated attackers from invoking more methods than should be permitted. Although commands verify that the class must be a Command a...
CVE-2024-28181 Arbitrary method invocation turbo_boost-commands
turboboost-commands is a set of commands to help you build robust reactive applications with Rails & Hotwire. TurboBoost Commands has existing protections in place to guarantee that only public methods on Command classes can be invoked; however, the existing checks aren't as robust as they should...
CVE-2024-28181 Arbitrary method invocation turbo_boost-commands
turboboost-commands is a set of commands to help you build robust reactive applications with Rails & Hotwire. TurboBoost Commands has existing protections in place to guarantee that only public methods on Command classes can be invoked; however, the existing checks aren't as robust as they should...