Narou
1 CVEs
product
Monthly
Narou (aka Narou.rb) before 3.8.0 allows Ruby Code Injection via the title name or author name of a novel. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
RCE
Code Injection
Narou
NVD
GitHub
CVSS 3.1
9.8
EPSS
1.4%
CVE-2021-35514
Ruby
EPSS 1%
CVSS 9.8
CRITICAL
PATCH
Act Now
Narou (aka Narou.rb) before 3.8.0 allows Ruby Code Injection via the title name or author name of a novel. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.
RCE
Code Injection
Narou
NVD
GitHub