Количество 6
Количество 6
CVE-2023-22797
An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker to bypass with a carefully crafted URL resulting in an open redirect vulnerability.
CVE-2023-22797
An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker to bypass with a carefully crafted URL resulting in an open redirect vulnerability.
CVE-2023-22797
An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker to bypass with a carefully crafted URL resulting in an open redirect vulnerability.
CVE-2023-22797
An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new ...
GHSA-9445-4cr6-336r
Open Redirect Vulnerability in Action Pack
BDU:2023-07160
Уязвимость программной платформы Ruby on Rails, связанная с переадресацией URL на ненадежный сайт, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-22797 An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker to bypass with a carefully crafted URL resulting in an open redirect vulnerability. | CVSS3: 6.1 | 0% Низкий | почти 3 года назад |
 | CVE-2023-22797 An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker to bypass with a carefully crafted URL resulting in an open redirect vulnerability. | CVSS3: 6.5 | 0% Низкий | около 3 лет назад |
 | CVE-2023-22797 An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new protection against open redirects from calling redirect_to with untrusted user input. In prior versions the developer was fully responsible for only providing trusted input. However the check introduced could allow an attacker to bypass with a carefully crafted URL resulting in an open redirect vulnerability. | CVSS3: 6.1 | 0% Низкий | почти 3 года назад |
| CVE-2023-22797 An open redirect vulnerability is fixed in Rails 7.0.4.1 with the new ... | CVSS3: 6.1 | 0% Низкий | почти 3 года назад |
| GHSA-9445-4cr6-336r Open Redirect Vulnerability in Action Pack | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
 | BDU:2023-07160 Уязвимость программной платформы Ruby on Rails, связанная с переадресацией URL на ненадежный сайт, позволяющая нарушителю перенаправить пользователя на произвольный URL-адрес | CVSS3: 6.1 | 0% Низкий | около 3 лет назад |
Уязвимостей на страницу