Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Ruby on Rails Generation of Error Message Containing Sensitive Information Vulnerability - CVE-2021-22885 - Vulnerability Database
Ruby on Rails

Ruby on Rails Generation of Error Message Containing Sensitive Information Vulnerability - CVE-2021-22885

High
Reference: CVE-2021-22885
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2021-22885
Title: Ruby on Rails Generation of Error Message Containing Sensitive Information Vulnerability
Overview:

A possible information disclosure / unintended method execution vulnerability in Action Pack gt 2.0.0 when using the redirect_to or polymorphic_urlhelper with untrusted user input.