exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 5

CVE-2008-7248

около 16 лет назад

Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote attackers to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demonstrated using text/plain.

CVSS2: 6.8

EPSS: Средний

CVE-2008-7248

около 17 лет назад

Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote attackers to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demonstrated using text/plain.

CVSS2: 4.3

EPSS: Средний

CVE-2008-7248

около 16 лет назад

Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote attackers to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demonstrated using text/plain.

CVSS2: 6.8

EPSS: Средний

CVE-2008-7248

около 16 лет назад

Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify ...

CVSS2: 6.8

EPSS: Средний

GHSA-8fqx-7pv4-3jwm

около 8 лет назад

Improper Input Validation in actionpack

EPSS: Средний

Уязвимостей на страницу

Уязвимость	CVSS	EPSS	Опубликовано
CVE-2008-7248 Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote attackers to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demonstrated using text/plain.	CVSS2: 6.8	11% Средний	около 16 лет назад
CVE-2008-7248 Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote attackers to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demonstrated using text/plain.	CVSS2: 4.3	11% Средний	около 17 лет назад
CVE-2008-7248 Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify tokens for requests with certain content types, which allows remote attackers to bypass cross-site request forgery (CSRF) protection for requests to applications that rely on this protection, as demonstrated using text/plain.	CVSS2: 6.8	11% Средний	около 16 лет назад
CVE-2008-7248 Ruby on Rails 2.1 before 2.1.3 and 2.2.x before 2.2.2 does not verify ...	CVSS2: 6.8	11% Средний	около 16 лет назад
GHSA-8fqx-7pv4-3jwm Improper Input Validation in actionpack		11% Средний	около 8 лет назад

Уязвимостей на страницу