Security Advisory

CVE-2020-7981

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-01-25 19:18:35

Last updated 2024-08-04 09:48:24

Assigner mitre

State PUBLISHED

Description

sql.rb in Geocoder before 1.6.1 allows Boolean-based SQL injection when within_bounding_box is used in conjunction with untrusted sw_lat, sw_lng, ne_lat, or ne_lng data.

← Browse all CVEs View on cve.org ↗