Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
In ActiveAdmin (aka Active Admin) before 2.12.0, a concurrency issue allows a malicious actor to access potentially private data (that belongs to another user) by making CSV export requests at certain specific times.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Active Admin 安全漏洞
Vulnerability Description
Active Admin是Active Admin开源的一个 Ruby on Rails 框架。用于为网站管理创建后端。 Active Admin 2.12.0之前版本存在安全漏洞,该漏洞源于允许攻击者在特定的时间发起CSV导出请求,从而访问另一用户的私有数据。
CVSS Information
N/A
Vulnerability Type
N/A