A vulnerability classified as critical was found in koroket RedditOnRails. This vulnerability affects unknown code of the component Vote Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The patch is identified as 7f3c7407d95d532fcc342b00d68d0ea09ca71030. It is recommended to apply a patch to fix this issue. VDB-217594 is the identifier assigned to this vulnerability.
References
Link | Resource |
---|---|
https://github.com/koroket/RedditOnRails/commit/7f3c7407d95d532fcc342b00d68d0ea09ca71030 | Patch Third Party Advisory |
https://vuldb.com/?ctiid.217594 | Third Party Advisory VDB Entry |
https://vuldb.com/?id.217594 | Third Party Advisory VDB Entry |
Configurations
History
29 Feb 2024, 01:14
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
07 Nov 2023, 02:18
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-284 |
20 Oct 2023, 07:15
Type | Values Removed | Values Added |
---|---|---|
Summary | A vulnerability classified as critical was found in koroket RedditOnRails. This vulnerability affects unknown code of the component Vote Handler. The manipulation leads to improper access controls. The attack can be initiated remotely. The patch is identified as 7f3c7407d95d532fcc342b00d68d0ea09ca71030. It is recommended to apply a patch to fix this issue. VDB-217594 is the identifier assigned to this vulnerability. | |
CWE |
12 Jan 2023, 16:52
Type | Values Removed | Values Added |
---|---|---|
References | (MISC) https://github.com/koroket/RedditOnRails/commit/7f3c7407d95d532fcc342b00d68d0ea09ca71030 - Patch, Third Party Advisory | |
References | (MISC) https://vuldb.com/?id.217594 - Third Party Advisory, VDB Entry | |
References | (MISC) https://vuldb.com/?ctiid.217594 - Third Party Advisory, VDB Entry | |
CPE | cpe:2.3:a:reddit-on-rails_project:reddit-on-rails:*:*:*:*:*:ruby:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 4.3 |
First Time |
Reddit-on-rails Project
Reddit-on-rails Project reddit-on-rails |
07 Jan 2023, 09:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-01-07 09:15
Updated : 2024-04-11 00:51
NVD link : CVE-2014-125054
Mitre link : CVE-2014-125054
CVE.ORG link : CVE-2014-125054
JSON object : View
Products Affected
reddit-on-rails_project
- reddit-on-rails
CWE
CWE-284
Improper Access Control