Skip to main content

Web Console

1 CVEs product

Monthly

CVE-2015-3224 Ruby MEDIUM POC PATCH THREAT This Month

request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 85.3%.

Authentication Bypass Web Console
NVD GitHub Exploit-DB
CVSS 2.0
4.3
EPSS
85.3%
Threat
4.9
EPSS 85% 4.9 CVSS 4.3
MEDIUM POC PATCH THREAT This Month

request.rb in Web Console before 2.1.3, as used with Ruby on Rails 3.x and 4.x, does not properly restrict the use of X-Forwarded-For headers in determining a client's IP address, which allows remote. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 85.3%.

Authentication Bypass Web Console
NVD GitHub Exploit-DB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy