Security Advisory

CVE-2020-8162

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-06-19 17:02:42

Last updated 2024-08-04 09:48:25

Assigner hackerone

State PUBLISHED

Description

A client side enforcement of server side security vulnerability exists in rails < 5.2.4.2 and rails < 6.0.3.1 ActiveStorages S3 adapter that allows the Content-Length of a direct file upload to be modified by an end user bypassing upload limits.

← Browse all CVEs View on cve.org ↗