28 total issues disclosed

$23,250 total paid publicly

Most disclosed (6 disclosures) — Cross-site Scripting (XSS) - Generic

Disclosed Reports

| Report Title | Vulnerability Type | Disclosed By | Severity | Disclosed on |
|---|---|---|---|---|
| XSS by file (Active Storage `Proxying`) | Cross-site Scripting (XSS) - Stored | ooooooo_q | Medium | 2020-09-02 |
| The authenticity_token can be reversed and used to forge valid per_form_csrf_tokens for arbitrary routes | Cross-Site Request Forgery (CSRF) | jregele | Medium | 2020-08-27 |
| Untrusted users able to run pending migrations in production | Denial of Service | tenderlove | Medium | 2020-07-24 |
| File writing by Directory traversal at actionpack-page_caching and RCE by it | Path Traversal | ooooooo_q | High | 2020-07-13 |
| Rack parses encoded cookie names allowing an attacker to send malicious `__Host-` and `__Secure-` prefixed cookies | Reliance on Cookies without Validation and Integrity Checking in a Security Decision | fletchto99 | Low | 2020-06-16 |
| XSS due to incomplete JS escaping | Cross-site Scripting (XSS) - Generic | jessecampos | Low | 2020-05-15 |
| Missing resource identifier encoding may lead to security vulnerabilities | Information Disclosure | jobert | Medium | 2020-05-13 |
| Path Traversal on Default Installed Rails Application (Asset Pipeline) | Path Traversal | orange | Medium | 2018-07-19 |
| XSS vulnerability in sanitize-method when parsing link's href | Cross-site Scripting (XSS) - Generic | kaarloh | Medium | 2018-03-22 |
| Unsafe Query Generation (CVE-2012-2660, CVE-2012-2694 and CVE-2013-0155) mitigation bypass | None supplied | joernchen | No rating | 2018-02-07 |
| Data-Tags and the New HTML Sanitizer Subverts CSRF protection | Cross-site Scripting (XSS) - Generic | benmmurphy | No rating | 2016-03-13 |
| http_basic_authenticate_with is susceptible to timing attacks. | Improper Authentication - Generic | d_w | No rating | 2016-03-13 |
| [Rails42] We can inject HTML tags when server is using strip_tags method | Cross-site Scripting (XSS) - Generic | arthurnn | No rating | 2016-03-13 |
| DoS Attack in Controller Lookup Code | Denial of Service | tenderlove | No rating | 2016-03-13 |
| Potential XSS on sanitize/Rails::Html::WhiteListSanitizer | Cross-site Scripting (XSS) - Generic | garnu | No rating | 2016-03-13 |
| Regarding [CVE-2016-0752] Possible Information Leak Vulnerability in Action View | Code Injection | jyotisingh | No rating | 2016-03-01 |
| Remote code execution using render :inline | Code Injection | kratob2 | No rating | 2016-03-01 |
| Nested attributes reject_if proc can be circumvented by providing "_destroy" parameter | None supplied | jcoyne | High | 2016-02-13 |
| Changeable model ids on vanilla update can lead to severely bad side-effects | Violation of Secure Design Principles | zachaysan | No rating | 2016-02-12 |
| Validation bypass for Active Record and Active Model | Violation of Secure Design Principles | backus | Medium | 2016-02-12 |
| Explicit, dynamic render path: Dir. Trav + RCE | Code Injection | forced-request | High | 2016-02-12 |
| Directory traversal attack in view resolver | Information Disclosure | lautis | No rating | 2015-07-09 |
| Denial of Service in Action Pack Exception Handling | Denial of Service | ff7f00 | No rating | 2015-06-16 |
| rails-ujs will send CSRF tokens to other origins | Cross-Site Request Forgery (CSRF) | mastahyeti | No rating | 2015-06-16 |
| RCE due to Web Console IP Whitelist bypass in Rails 4.0 and 4.1 | Code Injection | joernchen | No rating | 2015-06-16 |
| JSON keys are not properly escaped | Cross-site Scripting (XSS) - Generic | einstein_ | High | 2015-06-16 |
| Arbitrary file existence disclosure in Action Pack | None supplied | nahamsec | No rating | 2014-11-20 |
| Active Record SQL Injection Vulnerability Affecting PostgreSQL | None supplied | seantheprogrammer | No rating | 2014-07-02 |