Rails_admin_project Rails_admin
4 CVEs affecting Rails_admin_project Rails_admin. Latest disclosed: 2024-07-08. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
| CVE-2016-10522 | High | 8.8 | 2018-07-05 | rails_admin ruby gem <v1.1.1 is vulnerable to cross-site request forgery (CSRF) attacks. Non-GET methods were not validating CSRF tokens and, as a result, an a… |
| CVE-2020-36190 | Medium | 6.1 | 2021-01-12 | RailsAdmin (aka rails_admin) before 1.4.3 and 2.x before 2.0.2 allows XSS via nested forms. |
| CVE-2017-12098 | Medium | 6.1 | 2018-01-19 | An exploitable cross site scripting (XSS) vulnerability exists in the add filter functionality of the rails_admin rails gem version 1.2.0. A specially crafted… |
| CVE-2024-39308 | Medium | 5.4 | 2024-07-08 | RailsAdmin is a Rails engine that provides an interface for managing data. RailsAdmin list view has the XSS vulnerability, caused by improperly-escaped HTML ti… |