CVE-2020-8164

Publication date

2020-06-19 17:04:13

Family

hackerone

State

PUBLISHED

Description

A deserialization of untrusted data vulnerability exists in rails < 5.2.4.3, rails < 6.0.3.1 which can allow an attacker to supply information can be inadvertently leaked fromStrong Parameters.