1 results (0.004 seconds)
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0
CVE-2013-7134
https://notcve.org/view.php?id=CVE-2013-7134
Juvia uses the same secret key for all installations, which allows remote attackers to have unspecified impact by leveraging the secret key in app/config/initializers/secret_token.rb, related to cookies. Juvia utiliza la misma clave secreta para todas las instalaciones, lo que permite a atacantes remotos tener un impacto no especificado mediante el aprovechamiento de la clave secreta en app/config/initializers/secret_token.rb, relacionado con cookies. • http://www.openwall.com/lists/oss-security/2013/12/16/3 http://www.openwall.com/lists/oss-security/2013/12/18/1 https://github.com/phusion/juvia/issues/55 • CWE-255: Credentials Management Errors •