Yukihiro Matsumoto » Ruby : Security Vulnerabilities, CVEs, Published In 2004
The FileStore capability in CGI::Session for Ruby before 1.8.1, and possibly PStore, creates files with insecure permissions, which can allow local users to steal session information and hijack sessions.
Max CVSS
2.1
EPSS Score
0.04%
Published
2004-10-20
Updated
2017-10-11
1 vulnerabilities found