RSS   Vulnerabilities for 'Actionpack page-caching'   RSS

2020-05-12
 
CVE-2020-8159

CWE-22
 

 
There is a vulnerability in actionpack_page-caching gem < v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code execution if the attacker can write unescaped ERB to a view.

 

 >>> Vendor: Rubyonrails 12 Products
Ruby on rails
Rails
Ruby on ra2000ils
Jquery-rails
Jquery-ujs
Web console
Html sanitizer
Active job
Active storage
Actionview
Actionpack page-caching
Active resource


Copyright 2020, cxsecurity.com

 

Back to Top