Skip to main content

Activeadmin

1 CVEs product

Monthly

CVE-2023-50448 Ruby MEDIUM PATCH This Month

In ActiveAdmin (aka Active Admin) before 2.12.0, a concurrency issue allows a malicious actor to access potentially private data (that belongs to another user) by making CSV export requests at. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Activeadmin
NVD GitHub
CVSS 3.1
6.5
EPSS
0.5%
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

In ActiveAdmin (aka Active Admin) before 2.12.0, a concurrency issue allows a malicious actor to access potentially private data (that belongs to another user) by making CSV export requests at. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Information Disclosure Activeadmin
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy