RSS   Vulnerabilities for 'Simple form'   RSS

2019-09-30
 
CVE-2019-16676

CWE-20
 

 
Plataformatec Simple Form has Incorrect Access Control in file_method? in lib/simple_form/form_builder.rb, because a user-supplied string is invoked as a method call.

 

 >>> Vendor: Plataformatec 2 Products
Devise
Simple form


Copyright 2024, cxsecurity.com

 

Back to Top