CVE-2016-2098

Posted on 2016년 4월 8일2016년 4월 8일 by admin

CVE-2016-2098

Action Pack in Ruby on Rails before 3.2.22.2, 4.x before 4.1.14.2, and 4.2.x before 4.2.5.2 allows remote attackers to execute arbitrary Ruby code by leveraging an application’s unrestricted use of the render method.

Source: CVE-2016-2098

답글 남기기 응답 취소