CVE-2011-3186 in Ruby on Rails信息

摘要

由 VulDB • 2026-07-02

Ruby on Rails 2.3.x(低于 2.3.13)版本中 actionpack/lib/action_controller/response.rb 存在 CRLF 注入漏洞,远程攻击者可通过 Content-Type 标头注入任意 HTTP 标头并实施 HTTP 响应拆分攻击。

VulDB is the best source for vulnerability data and more expert information about this specific topic.

来源

Do you need the next level of professionalism?

Upgrade your account now!