Vulnerability Name
Classifications
Severity
Out of Band Code Evaluation (RoR – JSON)
PCI v3.2-6.5.1, CAPEC-356, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Critical
Out of Band Code Evaluation (RoR)
PCI v3.2-6.5.1, CAPEC-356, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N/RL:O
Critical
Code Evaluation (RoR)
PCI v3.2-6.5.1, CAPEC-356, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Critical
Code Evaluation (RoR – JSON)
PCI v3.2-6.5.1, CAPEC-356, CWE-94, HIPAA-164.306(a), 164.308(a), ISO27001-A.14.2.5, WASC-23, OWASP 2013-A1, OWASP 2017-A1, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N
Critical
Stack Trace Disclosure (RoR)
PCI v3.2-6.5.5, CAPEC-214, CWE-248, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-14, OWASP 2013-A5, OWASP 2017-A6, CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Medium
Version Disclosure (RoR)
CAPEC-170, CWE-205, HIPAA-164.306(a), 164.308(a), ISO27001-A.18.1.3, WASC-13, OWASP 2013-A5, OWASP 2017-A6
Low
Out-of-date Version (RoR)
PCI v3.2-6.2, CAPEC-310, CWE-1035, 937, HIPAA-164.308(a)(1)(i), ISO27001-A.14.1.2, OWASP 2013-A9, OWASP 2017-A9
Information
Invicti

Provably accurate, fast & easy-to-use Web Application Security Scanner

Get a demo