An argument injection vulnerability in Dragonfly Ruby Gem v1.3.0 allows malicious users to read and write arbitrary files when the verify_url option is disabled. This vulnerability is exploited via a crafted URL.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
dragonfly project dragonfly 1.3.0 |