RSS   Vulnerabilities for 'THIN'   RSS

2009-09-22
 
CVE-2009-3287

CWE-20
 

 
lib/thin/connection.rb in Thin web server before 1.2.4 relies on the X-Forwarded-For header to determine the IP address of the client, which allows remote attackers to spoof the IP address and hide activities via a modified X-Forwarded-For header.

 


Copyright 2024, cxsecurity.com

 

Back to Top