Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
activeadmin active admin vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-51763
csv_builder.rb in ActiveAdmin (aka Active Admin) prior to 3.2.0 allows CSV injection.
Activeadmin Active Admin
6.5
CVSSv3
CVE-2023-50448
In ActiveAdmin (aka Active Admin) prior to 2.12.0, a concurrency issue allows a malicious actor to access potentially private data (that belongs to another user) by making CSV export requests at certain specific times.
Activeadmin Activeadmin
NA
CVE-2024-37031
The Active Admin (aka activeadmin) framework prior to 3.2.2 for Ruby on Rails allows stored XSS in certain situations where users can create entities (to be later edited in forms) with arbitrary names, aka a "dynamic form legends" issue. 4.0.0.beta7 is also a fixed vers...
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started