1 results (0.010 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1
CVE-2019-16676
https://notcve.org/view.php?id=CVE-2019-16676
Plataformatec Simple Form has Incorrect Access Control in file_method? in lib/simple_form/form_builder.rb, because a user-supplied string is invoked as a method call. Plataformatec Simple Form, presenta un Control de Acceso Incorrecto en file_method? en biblioteca lib/simple_form/form_builder.rb, porque una cadena suministrada por el usuario es invocada como una llamada a un método. • http://blog.plataformatec.com.br/2019/09/incorrect-access-control-in-simple-form-cve-2019-16676 https://github.com/plataformatec/simple_form/commits/master https://github.com/plataformatec/simple_form/security/advisories/GHSA-r74q-gxcg-73hx • CWE-20: Improper Input Validation •