ADVISORIES

• CVE-2023-51763 (NVD)
• GHSA-rqxc-9p8h-xqgq

GEM

activeadmin

SEVERITY

CVSS v3.x: 8.4 (High)

PATCHED VERSIONS

• >= 3.2.0

DESCRIPTION

csv_builder.rb in ActiveAdmin (aka Active Admin) before 3.2.0 allows CSV injection.

RELATED

• https://nvd.nist.gov/vuln/detail/CVE-2023-51763
• https://github.com/activeadmin/activeadmin/releases/tag/v3.2.0
• https://github.com/activeadmin/activeadmin/pull/8161
• https://github.com/activeadmin/activeadmin/commit/697be2b183491beadc8f0b7d8b5bfb44f2387909
• https://github.com/advisories/GHSA-rqxc-9p8h-xqgq