CVE-2013-7249 (fat_free_crm): Fat Free CRM Gem for Ruby allows remote attackers to obtain sensitive informations

December 24th, 2013

ADVISORIES

CVE-2013-7249 (NVD)
GHSA-f25h-3mj6-4jpg
OSVDB-101700

GEM

fat_free_crm

SEVERITY

CVSS v2.0: 5.0 (Medium)

PATCHED VERSIONS

>= 0.13.0
~> 0.12.1

DESCRIPTION

Fat Free CRM contains a flaw that is triggered when the attacker sends a direct request for XML data. This may allow a remote attacker to gain access to potentially sensitive information.

RubySec

CVE-2013-7249 (fat_free_crm): Fat Free CRM Gem for Ruby allows remote attackers to obtain sensitive informations

ADVISORIES

GEM

SEVERITY

PATCHED VERSIONS

DESCRIPTION

Recent Advisories