activerecord/lib/active_record/relation/query_methods.rb in Active Record in Ruby on Rails 4.0.x prior to 4.0.9 and 4.1.x prior to 4.1.5 allows remote malicious users to bypass the strong parameters protection mechanism via crafted input to an application that makes create_with calls.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rubyonrails rails 4.0.0 |
||
rubyonrails rails 4.0.2 |
||
rubyonrails rails 4.0.3 |
||
rubyonrails rails 4.0.7 |
||
rubyonrails rails 4.1.0 |
||
rubyonrails rails 4.1.3 |
||
rubyonrails rails 4.1.4 |
||
rubyonrails rails 4.0.8 |
||
rubyonrails rails 4.0.1 |
||
rubyonrails rails 4.0.6 |
||
rubyonrails rails 4.1.2 |
||
rubyonrails rails 4.0.4 |
||
rubyonrails rails 4.0.5 |
||
rubyonrails rails 4.1.1 |