Skip to main content

Administrate

1 CVEs product

Monthly

CVE-2020-5257 Ruby HIGH PATCH This Week

In Administrate (rubygem) before version 0.13.0, when sorting by attributes on a dashboard, the direction parameter was not validated before being interpolated into the SQL query. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Nosql Injection SQLi Administrate
NVD GitHub
CVSS 3.1
8.1
EPSS
0.9%
EPSS 1% CVSS 8.1
HIGH PATCH This Week

In Administrate (rubygem) before version 0.13.0, when sorting by attributes on a dashboard, the direction parameter was not validated before being interpolated into the SQL query. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, low attack complexity.

Nosql Injection SQLi Administrate
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy