The Square Squash allows remote malicious users to execute arbitrary code via a YAML document in the (1) namespace parameter to the deobfuscation function or (2) sourcemap parameter to the sourcemap function in app/controllers/api/v1_controller.rb.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
squash square squash - |