Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Ruby on Rails Improper Input Validation Vulnerability - CVE-2010-3933 - Vulnerability Database
Ruby on Rails

Ruby on Rails Improper Input Validation Vulnerability - CVE-2010-3933

Medium
Reference: CVE-2010-3933
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2010-3933
Title: Ruby on Rails Improper Input Validation Vulnerability
Overview:

Ruby on Rails 2.3.9 and 3.0.0 does not properly handle nested attributes which allows remote attackers to modify arbitrary records by changing the names of parameters for form inputs.