← volver
CVE-2013-0233

CVE-2013-0233

23Vexday Risk Score

Corrige pronto. Ella tiene exploit funcional público.

ssvc Attendepss 14%
de la publicación al arma0 días
Publicada en NVD25 abr
metasploit28 ene
probabilidad de explotación
14%top 4% de las CVE
explotación observada
noninguna fuente lo reporta
Devise gem 2.2.x before 2.2.3, 2.1.x before 2.1.3, 2.0.x before 2.0.5, and 1.5.x before 1.5.4 for Ruby, when using certain databases, does not properly perform type conversion when performing database queries, which might allow remote attackers to cause incorrect results to be returned and bypass security checks via unknown vectors, as demonstrated by resetting passwords of arbitrary accounts.
Productos afectados
n/a · n/a