Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Ruby on Rails Improper Input Validation Vulnerability - CVE-2016-2098 - Vulnerability Database
Ruby on Rails

Ruby on Rails Improper Input Validation Vulnerability - CVE-2016-2098

High
Reference: CVE-2016-2098
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2016-2098
Title: Ruby on Rails Improper Input Validation Vulnerability
Overview:

Action Pack in Ruby on Rails before 3.2.22.2 4.x before 4.1.14.2 and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application39s unrestricted use of the render method.