There is a vulnerability in actionpack_page-caching gem < v1.2.1 that allows an attacker to write arbitrary files to a web server, potentially resulting in remote code execution if the attacker can write unescaped ERB to a view.
| Package (Ecosystem) | Introduced | Fixed | Limit |
|---|---|---|---|
| actionpack-page_caching(RubyGems) | 0 | 1.2.1 | N/A |
CVSS Metrics
